mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of
the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem]
+ *) mod_dav_fs: Retrieve minimal system information about directory
+ entries when walking a DAV fs, resolving a performance degradation on
+ Windows. PR 45464. [Jeff Trawick]
+
+ *) mod_cgid: Pass along empty command line arguments from an ISINDEX
+ query that has consecutive '+' characters in the QUERY_STRING,
+ matching the behavior of mod_cgi.
+ [Eric Covener]
+
*) mod_headers: Prevent Header edit from processing only the first header
of possibly multiple headers with the same name and deleting the
remaining ones. PR 45333. [Ruediger Pluem]
** Does this platform support an executable flag?
**
** ### need a way to portably abstract this query
+**
+** DAV_FINFO_MASK gives the appropriate mask to use for the stat call
+** used to get file attributes.
*/
#ifndef WIN32
#define DAV_FS_HAS_EXECUTABLE
+#define DAV_FINFO_MASK (APR_FINFO_LINK | APR_FINFO_TYPE | APR_FINFO_INODE | \
+ APR_FINFO_SIZE | APR_FINFO_CTIME | APR_FINFO_MTIME | \
+ APR_FINFO_PROT)
+#else
+/* as above, but without APR_FINFO_PROT */
+#define DAV_FINFO_MASK (APR_FINFO_LINK | APR_FINFO_TYPE | APR_FINFO_INODE | \
+ APR_FINFO_SIZE | APR_FINFO_CTIME | APR_FINFO_MTIME)
#endif
/*
/* append this file onto the path buffer (copy null term) */
dav_buffer_place_mem(pool, &fsctx->path1, dirent.name, len + 1, 0);
-
- /* ### Optimize me, dirent can give us what we need! */
status = apr_stat(&fsctx->info1.finfo, fsctx->path1.buf,
- APR_FINFO_NORM | APR_FINFO_LINK, pool);
+ DAV_FINFO_MASK, pool);
if (status != APR_SUCCESS && status != APR_INCOMPLETE) {
/* woah! where'd it go? */
/* ### should have a better error here */
projects / thirdparty / apache / httpd.git / commitdiff
