Folding StrictWhitespace into the Strict ruleset of RFC7230, per dev@ poll.

This choice is unanimous, although StrictURI (a different RFC) still hasn't
found absolute concensus.

An ap_mmn bump will follow (major, this removes a struct elt)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758226 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/include/http_core.h b/include/http_core.h
index cac1f3b303d7810ff6b238a323d49f00a8116521..91ae01e9c0b8a47c8be2007f47754b5e7ebefe7d 100644 (file)
--- a/include/http_core.h
+++ b/include/http_core.h
@@ -739,11 +739,6 @@ typedef struct {
 #define AP_HTTP_CONFORMANCE_STRICT    2
     char http_conformance;
 
-#define AP_HTTP_WHITESPACE_UNSET      0
-#define AP_HTTP_WHITESPACE_UNSAFE     1
-#define AP_HTTP_WHITESPACE_STRICT     2
-    char http_whitespace;
-
 #define AP_HTTP_METHODS_UNSET         0
 #define AP_HTTP_METHODS_LENIENT       1
 #define AP_HTTP_METHODS_REGISTERED    2

diff --git a/server/core.c b/server/core.c
index 4280204354bedd2fed86d795c52580e6fe11d4a9..92b2fc4b59dbc5f35747c769f18795a40c59499f 100644 (file)
--- a/server/core.c
+++ b/server/core.c
@@ -536,9 +536,6 @@ static void *merge_core_server_configs(apr_pool_t *p, void *basev, void *virtv)
     if (virt->http_stricturi != AP_HTTP_URI_UNSET)
         conf->http_stricturi = virt->http_stricturi;
 
-    if (virt->http_whitespace != AP_HTTP_WHITESPACE_UNSET)
-        conf->http_whitespace = virt->http_whitespace;
-
     if (virt->http_methods != AP_HTTP_METHODS_UNSET)
         conf->http_methods = virt->http_methods;
 
@@ -4038,10 +4035,6 @@ static const char *set_http_protocol_options(cmd_parms *cmd, void *dummy,
         conf->http_stricturi |= AP_HTTP_URI_STRICT;
     else if (strcasecmp(arg, "unsafeuri") == 0)
         conf->http_stricturi |= AP_HTTP_URI_UNSAFE;
-    else if (strcasecmp(arg, "strictwhitespace") == 0)
-        conf->http_whitespace |= AP_HTTP_WHITESPACE_STRICT;
-    else if (strcasecmp(arg, "unsafewhitespace") == 0)
-        conf->http_whitespace |= AP_HTTP_WHITESPACE_UNSAFE;
     else if (strcasecmp(arg, "registeredmethods") == 0)
         conf->http_methods |= AP_HTTP_METHODS_REGISTERED;
     else if (strcasecmp(arg, "lenientmethods") == 0)
@@ -4050,7 +4043,6 @@ static const char *set_http_protocol_options(cmd_parms *cmd, void *dummy,
         return "HttpProtocolOptions accepts "
                "'Unsafe' or 'Strict' (default), "
                "'UnsafeURI' or 'StrictURI' (default), "
-               "'UnsafeWhitespace' or 'StrictWhitespace' (default), "
                "'RegisteredMethods' or 'LenientMethods' (default), and "
                "'Require1.0' or 'Allow0.9' (default)";
 
@@ -4069,11 +4061,6 @@ static const char *set_http_protocol_options(cmd_parms *cmd, void *dummy,
         return "HttpProtocolOptions 'Strict' and 'Unsafe'"
                " are mutually exclusive";
 
-    if ((conf->http_whitespace & AP_HTTP_WHITESPACE_STRICT)
-            && (conf->http_whitespace & AP_HTTP_WHITESPACE_UNSAFE))
-        return "HttpProtocolOptions 'StrictWhitespace' and 'UnsafeWhitespace'"
-               " are mutually exclusive";
-
     if ((conf->http_methods & AP_HTTP_METHODS_REGISTERED)
             && (conf->http_methods & AP_HTTP_METHODS_LENIENT))
         return "HttpProtocolOptions 'RegisteredMethods' and 'LenientMethods'"

diff --git a/server/protocol.c b/server/protocol.c
index 0d0325d7407af35846d9ec28daf0fc8347ee1122..ee79d3095325455d04d6a44ea9001e450fd5f07c 100644 (file)
--- a/server/protocol.c
+++ b/server/protocol.c
@@ -583,7 +583,6 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
     core_server_config *conf = ap_get_core_module_config(r->server->module_config);
     int strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
     int stricturi = (conf->http_stricturi != AP_HTTP_URI_UNSAFE);
-    int strictspaces = (conf->http_whitespace != AP_HTTP_WHITESPACE_UNSAFE);
 
     /* Read past empty lines until we get a real request line,
      * a read error, the connection closes (EOF), or we timeout.
@@ -671,7 +670,7 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
     }
 
     /* Verify method terminated with a single SP, otherwise mark in error */
-    if (strictspaces && ll[0] && (ll[0] != ' ' || apr_isspace(ll[1]))
+    if (strict && ll[0] && (ll[0] != ' ' || apr_isspace(ll[1]))
             && deferred_error == rrl_none) {
         deferred_error = rrl_excesswhitespace; 
     }
@@ -680,7 +679,7 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
      * then NUL terminate the method string
      */
     for (uri = ll; apr_isspace(*uri); ++uri) 
-        if (strictspaces && ap_strchr_c("\t\n\v\f\r", *uri)
+        if (strict && ap_strchr_c("\t\n\v\f\r", *uri)
                 && deferred_error == rrl_none)
             deferred_error = rrl_badwhitespace; 
     *ll = '\0';
@@ -708,7 +707,7 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
     }
 
     /* Verify uri terminated with a single SP, otherwise mark in error */
-    if (strictspaces && ll[0] && (ll[0] != ' ' || apr_isspace(ll[1]))
+    if (strict && ll[0] && (ll[0] != ' ' || apr_isspace(ll[1]))
             && deferred_error == rrl_none) {
         deferred_error = rrl_excesswhitespace; 
     }
@@ -717,7 +716,7 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
      * then NUL terminate the uri string
      */
     for (r->protocol = ll; apr_isspace(*r->protocol); ++r->protocol) 
-        if (strictspaces && ap_strchr_c("\t\n\v\f\r", *r->protocol)
+        if (strict && ap_strchr_c("\t\n\v\f\r", *r->protocol)
                 && deferred_error == rrl_none)
             deferred_error = rrl_badwhitespace; 
     *ll = '\0';
@@ -735,10 +734,10 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
      * determine if trailing text is found, unconditionally mark in error,
      * finally NUL terminate the protocol string
      */
-    if (strictspaces && *ll)
+    if (strict && *ll)
         deferred_error = rrl_excesswhitespace; 
     for ( ; apr_isspace(*ll); ++ll)
-        if (strictspaces && ap_strchr_c("\t\n\v\f\r", *ll)
+        if (strict && ap_strchr_c("\t\n\v\f\r", *ll)
                 && deferred_error == rrl_none)
             deferred_error = rrl_badwhitespace; 
     if (*ll && deferred_error == rrl_none)
@@ -943,7 +942,6 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
     char *tmp_field;
     core_server_config *conf = ap_get_core_module_config(r->server->module_config);
     int strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
-    int strictspaces = (conf->http_whitespace != AP_HTTP_WHITESPACE_UNSAFE);
 
     /*
      * Read header lines until we get the empty separator line, a read error,
@@ -982,7 +980,7 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
             return;
         }
 
-        if (strictspaces && strpbrk(field, "\n\v\f\r")) {
+        if (strict && strpbrk(field, "\n\v\f\r")) {
             r->status = HTTP_BAD_REQUEST;
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03451)
                           "Request header line presented bad whitespace "
@@ -1116,7 +1114,7 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
 
                 *value++ = '\0'; /* NUL-terminate at colon */
 
-                if (strictspaces && strpbrk(last_field, " \t")) {
+                if (strict && strpbrk(last_field, " \t")) {
                     r->status = HTTP_BAD_REQUEST;
                     ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03452)
                                   "Request header field name with whitespace "