incorrect status lines caused by filters which modify r->status without
resetting r->status_line, such as the built-in byterange filter.
Note: For the byterange example, the handler must set r->status_line
even though this is a 200 response. Some proxy-type modules blindly
set r->status_line as set by the origin server and thus trigger
the problem with byteranges if the origin server didn't handle the
byterange.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@379562
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.3.0
[Remove entries to the current 2.0 and 2.2 section below, when backported]
+ *) Ensure that the proper status line is written to the client, fixing
+ incorrect status lines caused by filters which modify r->status without
+ resetting r->status_line, such as the built-in byterange filter.
+ [Jeff Trawick]
+
*) mod_ssl: Fix spurious hostname mismatch warning for valid
wildcard certificates. PR 37911. [Nick Burch <nick torchbox.com>]
#endif
}
+/* Confirm that the status line is well-formed and matches r->status.
+ * If they don't match, a filter may have negated the status line set by a
+ * handler.
+ * Zap r->status_line if bad.
+ */
+static void validate_status_line(request_rec *r)
+{
+ char *end;
+
+ if (r->status_line
+ && (strlen(r->status_line) <= 4
+ || apr_strtoi64(r->status_line, &end, 10) != r->status
+ || *end != ' '
+ || (end - 3) != r->status_line)) {
+ r->status_line = NULL;
+ }
+}
+
/*
* Determine the protocol to use for the response. Potentially downgrade
* to HTTP/1.0 in some situations and/or turn off keepalives.
return;
}
+ validate_status_line(r);
+
if (!r->status_line) {
r->status_line = ap_get_status_line(r->status);
}
projects / thirdparty / apache / httpd.git / commitdiff
