From: Eric Covener Date: Sun, 6 Jul 2014 21:57:44 +0000 (+0000) Subject: * mod_rewrite: Support session cookies with the CO= flag when later parameters X-Git-Tag: 2.2.28~71 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c406ba27477f81f0be4e12c600f93cfda17be656;p=thirdparty%2Fapache%2Fhttpd.git * mod_rewrite: Support session cookies with the CO= flag when later parameters are used. The doc for this implied the feature had been backported for quite some time. PR56014 Submitted by: covener Reviewed by: covener, ylavic, rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1608304 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 4b5e9705b69..d07443274d9 100644 --- a/CHANGES +++ b/CHANGES @@ -1,10 +1,14 @@ -*- coding: utf-8 -*- Changes with Apache 2.2.28 + *) mod_rewrite: Support session cookies with the CO= flag when later parameters + are used. The doc for this implied the feature had been backported for + quite some time. PR56014 [Eric Covener] + *) mod_cache: Don't remove stale cache entries that cannot be conditionally - revalidated. This prevents the thundring herd protection from serving - stale responses during a revalidation. PR 50317. - [Eric Covener, Jan Kaluza, Ruediger Pluem] + revalidated. This prevents the thundring herd protection from serving + stale responses during a revalidation. PR 50317. + [Eric Covener, Jan Kaluza, Ruediger Pluem] *) core: Increase TCP_DEFER_ACCEPT socket option to from 1 to 30 seconds. PR 41270. [Dean Gaudet ] diff --git a/STATUS b/STATUS index b1cbf73861e..a844325b205 100644 --- a/STATUS +++ b/STATUS @@ -99,13 +99,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_rewrite: Support session cookies with the CO= flag when later parameters - are used. The doc for this implied the feature had been backported for - quite some time. PR56014 - trunk patch: http://svn.apache.org/viewvc?view=revision&revision=664333 - 2.2.x patch: http://people.apache.org/~covener/patches/httpd-2.2.x-rewrite-sessioncookie.diff - +1 covener, ylavic, rpluem - * mod_cache, mod_disk_cache: Try to use the key of a possible open but stale cache entry if there is one. This fixes problem when two different cache locks have been created for single stale cache entry leading to two diff --git a/docs/manual/rewrite/flags.xml b/docs/manual/rewrite/flags.xml index 79eb45e71eb..56f6f0bf27c 100644 --- a/docs/manual/rewrite/flags.xml +++ b/docs/manual/rewrite/flags.xml @@ -139,12 +139,11 @@ security model.
Lifetime
The time for which the cookie will persist, in minutes.
-
By default, the cookie will persist only for the -current browser session. If you need to specify any later -parameter (Path, Secure, httponly), it is not currently -possible to explicitly configure session lifetime. Note: -Previous versions of this documentation erroneouly stated -otherwise.
+
A value of 0 indicates that the cookie will persist only for the +current browser session. This is the default value if none is +specified. Prior to 2.2.28, a value of 0 indicates immediate expiration +and it was not possible to specify session lifetime if any later +parameters (Path, Secure, httponly) were specified
Path
The path, on the current website, for which the cookie is valid, diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index 081c7b5948a..d3209b44954 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -2420,23 +2420,30 @@ static void add_cookie(request_rec *r, char *s) if (expires) { apr_time_exp_t tms; - apr_time_exp_gmt(&tms, r->request_time - + apr_time_from_sec((60 * atol(expires)))); - exp_time = apr_psprintf(r->pool, "%s, %.2d-%s-%.4d " - "%.2d:%.2d:%.2d GMT", - apr_day_snames[tms.tm_wday], - tms.tm_mday, - apr_month_snames[tms.tm_mon], - tms.tm_year+1900, - tms.tm_hour, tms.tm_min, tms.tm_sec); + long exp_min; + + exp_min = atol(expires); + if (exp_min) { + apr_time_exp_gmt(&tms, r->request_time + + apr_time_from_sec((60 * exp_min))); + exp_time = apr_psprintf(r->pool, "%s, %.2d-%s-%.4d " + "%.2d:%.2d:%.2d GMT", + apr_day_snames[tms.tm_wday], + tms.tm_mday, + apr_month_snames[tms.tm_mon], + tms.tm_year+1900, + tms.tm_hour, tms.tm_min, tms.tm_sec); + } } cookie = apr_pstrcat(rmain->pool, var, "=", val, "; path=", path ? path : "/", "; domain=", domain, - expires ? "; expires=" : NULL, - expires ? exp_time : NULL, + expires ? (exp_time ? "; expires=" : "") + : NULL, + expires ? (exp_time ? exp_time : "") + : NULL, (secure && (!strcasecmp(secure, "true") || !strcmp(secure, "1") || !strcasecmp(secure,