Scratch another its - this patchs allows me to hugely simply auth modules

which use non 4xx methods for auth (such as cookies, referers ,etc).

Submitted by Sander van Zoest (for a slightly different reason) - see
explanation below.

From: Sander van Zoest
To: dev@httpd.apache.org

It is common practice to set Cookie's to pass along on HTTP
redirects for "login" authentication.

When implementing P3P <http://www.w3.org/P3P/> using
mod_headers.c the Header directive only sets r->headers_out
and does not pass the headers along for non-2XX responses
such as error pages and redirects.

To provide this functionality we added the ErrorHeader
directive which populates r->err_headers_out instead.

Below follows a patch for 1.3.X by Michael Radwin <radwin_at_yahoo-inc.com>.

I have some code that attempts to add Directive to 2.0.X, but
it seems that output_filters are shortcuted on 3XX responses.
While now by setting the Header directive it also passes the headers
along at for all non-2XX responses except 3XX responses.

Cheers,

--
Sander van Zoest

PR: 9181
Obtained from: Michael Radwin
Submitted by: Sander van Zoest
Reviewed by: Dirk-Willem van Gulik

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@96981 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/src/CHANGES b/src/CHANGES
index 784f3ec0a9a7c4c1a5ceba339d12f2a09c576af0..85277e9c33479f7d68351be00a6ef415efc1e5b6 100644 (file)
--- a/src/CHANGES
+++ b/src/CHANGES
@@ -1,5 +1,14 @@
 Changes with Apache 1.3.27
 
+  *) Included a patch submitted by Sander van Zoest (#9181) and
+     written by Michael Radwin whichs is essentially a work around
+     for the adding headers to error responses. As apache does not
+     go through the proper chain for non 2xx responses. This patch
+     adds an ErrorHeader directive; which is for non 2xx replies the
+     direct analog of the existing Header directive. This is usefull
+     during 3xx redirects or more complex 4xx auth schemes. [Dirk-
+     Willem van Gulik]
+
   *) Included the patch submitted by Sander van Zoest (#12712) which
      prevents just 'anything' being sucked in when doing gobbeling in
      complete directories - such as editor backup files and other

diff --git a/src/modules/standard/mod_headers.c b/src/modules/standard/mod_headers.c
index e9e5f087af073e4716ab03df81a7bd0c34a1254b..80fd95a83308777e353008e76f34dd36fce89329 100644 (file)
--- a/src/modules/standard/mod_headers.c
+++ b/src/modules/standard/mod_headers.c
@@ -116,6 +116,7 @@ typedef struct {
     hdr_actions action;
     char *header;
     char *value;
+    int do_err;
 } header_entry;
 
 /*
@@ -153,7 +154,6 @@ static void *merge_headers_config(pool *p, void *basev, void *overridesv)
     return a;
 }
 
-
 static const char *header_cmd(cmd_parms *cmd, headers_conf * dirconf, char *action, char *hdr, char *value)
 {
     header_entry *new;
@@ -169,6 +169,12 @@ static const char *header_cmd(cmd_parms *cmd, headers_conf * dirconf, char *acti
         new = (header_entry *) ap_push_array(serverconf->headers);
     }
 
+    if (cmd->info) {
+       new->do_err = 1;
+    } else {
+       new->do_err = 0;
+    }
+
     if (!strcasecmp(action, "set"))
         new->action = hdr_set;
     else if (!strcasecmp(action, "add"))
@@ -198,7 +204,9 @@ static const char *header_cmd(cmd_parms *cmd, headers_conf * dirconf, char *acti
 
 static const command_rec headers_cmds[] =
 {
-    {"Header", header_cmd, NULL, OR_FILEINFO, TAKE23,
+    {"Header", header_cmd, (void *)0, OR_FILEINFO, TAKE23,
+     "an action, header and value"},
+    {"ErrorHeader", header_cmd, (void *)1, OR_FILEINFO, TAKE23,
      "an action, header and value"},
     {NULL}
 };
@@ -209,18 +217,19 @@ static void do_headers_fixup(request_rec *r, array_header *headers)
 
     for (i = 0; i < headers->nelts; ++i) {
         header_entry *hdr = &((header_entry *) (headers->elts))[i];
+       table *tbl = (hdr->do_err ? r->err_headers_out : r->headers_out);
         switch (hdr->action) {
         case hdr_add:
-            ap_table_addn(r->headers_out, hdr->header, hdr->value);
+            ap_table_addn(tbl, hdr->header, hdr->value);
             break;
         case hdr_append:
-            ap_table_mergen(r->headers_out, hdr->header, hdr->value);
+            ap_table_mergen(tbl, hdr->header, hdr->value);
             break;
         case hdr_set:
-            ap_table_setn(r->headers_out, hdr->header, hdr->value);
+            ap_table_setn(tbl, hdr->header, hdr->value);
             break;
         case hdr_unset:
-            ap_table_unset(r->headers_out, hdr->header);
+            ap_table_unset(tbl, hdr->header);
             break;
         }
     }