clearly wrong, and even if so, it doesn't seem like a
showstopper.
- * the edge connection filter cannot be removed
+ * the edge connection filter cannot be removed
http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105366252619530&w=2
http://mail-archives.apache.org/mod_mbox/httpd-dev/200501.mbox/%3C41E30B42.4060202@stason.org%3E
jerenkrantz asks: Why should this block a release?
/* we may have switched to another server */
apply_server_config(r);
- if ((access_status = ap_run_post_read_request(r))) {
+ if ((access_status = ap_post_read_request(r))) {
goto die;
}
return NULL;
}
+AP_DECLARE(int) ap_post_read_request(request_rec *r)
+{
+ int status;
+
+ if ((status = ap_run_post_read_request(r))) {
+ return status;
+ }
+
+ /* Enforce http(s) only scheme for non-forward-proxy requests */
+ if (!r->proxyreq
+ && r->parsed_uri.scheme
+ && ap_cstr_casecmp(r->parsed_uri.scheme, ap_http_scheme(r)) != 0) {
+ return HTTP_BAD_REQUEST;
+ }
+
+ return OK;
+}
+
/* if a request with a body creates a subrequest, remove original request's
* input headers which pertain to the body which has already been read.
* out-of-line helper function for ap_set_sub_req_protocol.
return token;
}
+#define IS_TOKEN_SEP(c) ((c) == ',' || (c) == ';')
/* find http tokens, see the definition of token from RFC2068 */
AP_DECLARE(int) ap_find_token(apr_pool_t *p, const char *line, const char *tok)
{
const unsigned char *start_token;
const unsigned char *s;
+ apr_size_t tlen;
- if (!line)
+ tlen = strlen(tok);
+ if (!line || !tlen)
return 0;
s = (const unsigned char *)line;
for (;;) {
- /* find start of token, skip all stop characters */
- while (*s && TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) {
+ /* find start of token */
+ while (apr_isspace(*s) || IS_TOKEN_SEP(*s)) {
++s;
}
if (!*s) {
return 0;
}
- start_token = s;
- /* find end of the token */
- while (*s && !TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) {
- ++s;
- }
- if (!ap_cstr_casecmpn((const char *)start_token, (const char *)tok,
- s - start_token)) {
- return 1;
+ if (!TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) {
+ /* find end of token */
+ start_token = s;
+ do {
+ ++s;
+ } while (!TEST_CHAR(*s, T_HTTP_TOKEN_STOP));
+
+ if (tlen == (apr_size_t)(s - start_token)) {
+ /* only spaces up to the next token separator */
+ while (apr_isspace(*s)) {
+ ++s;
+ }
+ if ((!*s || IS_TOKEN_SEP(*s))
+ && !ap_cstr_casecmpn((const char *)start_token,
+ (const char *)tok, tlen)) {
+ return 1;
+ }
+ }
}
- if (!*s) {
- return 0;
+ /* advance to the next token */
+ while (*s && !IS_TOKEN_SEP(*s)) {
+ ++s;
}
}
}
static const char *find_last_token(apr_pool_t *p, const char *line,
const char *tok)
{
- int llen, tlen, lidx;
+ apr_size_t llen, tlen;
+ apr_ssize_t lidx;
if (!line)
return NULL;
- llen = strlen(line);
tlen = strlen(tok);
- lidx = llen - tlen;
+ if (!tlen)
+ return NULL;
- if (lidx < 0 ||
- (lidx > 0 && !(apr_isspace(line[lidx - 1]) || line[lidx - 1] == ',')))
+ llen = strlen(line);
+ while (llen > 0 && apr_isspace(line[llen - 1]))
+ --llen;
+ lidx = llen - tlen;
+ if (lidx < 0)
return NULL;
- if (ap_cstr_casecmpn(&line[lidx], tok, tlen) == 0) {
- return &line[lidx];
+ if (lidx > 0) {
+ apr_size_t i = lidx - 1;
+ do {
+ if (line[i] == ',')
+ break;
+ if (!apr_isspace(line[i]))
+ return NULL;
+ } while (i--);
}
- return NULL;
+
+ if (ap_cstr_casecmpn(&line[lidx], tok, tlen) != 0)
+ return NULL;
+
+ return &line[lidx];
}
AP_DECLARE(int) ap_find_last_token(apr_pool_t *p, const char *line,
projects / thirdparty / apache / httpd.git / commitdiff
