byterange_filter.c

Checkout Tools
  • last updated 21 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Rename ap_casecmpstr[n]() to ap_cstr_casecmp[n](), update with APR doxygen
  1. … 49 more files in changeset.
Use new ap_casecmpstr[n]() functions where appropriate (not exhaustive).

  1. … 32 more files in changeset.
Revert r1715789: will re-commit without spurious functional changes.

  1. … 32 more files in changeset.
Use new ap_casecmpstr[n]() functions where appropriate (not exhaustive).

[Reverted by r1715869]

  1. … 32 more files in changeset.
Turn some APR_BUCKET_REMOVE(e)+apr_bucket_destroy(e) into the equivalent apr_bucket_delete(e) to reduce code verbosity

  1. … 4 more files in changeset.
core, mod_cache: Ensure RFC2616 compliance in ap_meets_conditions()

with weak validation combined with If-Range and Range headers. Break

out explicit conditional header checks to be useable elsewhere in the

server. Ensure weak validation RFC compliance in the byteranges filter.

Ensure RFC validation compliance when serving cached entities. PR 16142

  1. … 6 more files in changeset.
Remove support for Request-Range header sent by Navigator 2-3 and

MSIE 3

  1. … 1 more file in changeset.
Add lots of unique tags to error log messages

  1. … 172 more files in changeset.
Adjust log message to reflect changed behaviour

Put 0- on the fast-track
Cleanup effort in prep for GA push:

Trim trailing whitespace... no func change

  1. … 118 more files in changeset.
use random value as multipart range boundary to prevent leaking information

about the used MPM

Add in MaxRangeOverlaps and MaxRangeReversals to accomodate

more control over acceptable Range headers:

See: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/311

  1. … 5 more files in changeset.
Save creation of merged until we know we will actually need and use it.
return some range params admins may want to control (overlaps and reversals)
Remove function so we can grab over core_conf elements easily
Reorg so we don't need forward def...
Reset
No reason for the advanced def...

Open hook for other conf factors (number of overlaps, etc)...

Return some range params...

What getpid()? No backport of this edit is needed.
add AP_ prefix to recently added DEFAULT_MAX_RANGES

take care of some MaxRanges feedback:

* allow "none" to be expressed in config

* send Accept-Ranges: none with MaxRanges none

* stop accepting confusing/ambiguous "0", start accepting "unlimited".

  1. … 4 more files in changeset.
* modules/http/byterange_filter.c (ap_byterange_filter): Don't reveal

the pid in the boundary delimiter (part of CVE-2003-1418).

Revert r1163833:

Send a 206 response for a "Range: bytes=0-" request, even if 200 would be

more efficient.

As discussed on list: Clients that use the 206 response to detect range

support are considered broken and should be fixed to use the Accept-Ranges

header instead.

* Buckets of known length should be always splitable. So we don't need to care

about the APR_ENOTIMPL case.

Submitted by: jorton

Reviewed by: rpluem

* Fix a regression in the CVE-2011-3192 byterange fix:

Range: bytes=-1

Resulted in the first two bytes delivered, not in the last one.

PR: 51748

Submitted by: low_priority <lowprio20 gmail.com>

Reviewed by: rpluem

  1. … 1 more file in changeset.
Remove log message left over from debugging.

* Fix error message
* Whitespace police. No functional change
* Ranges like --2 or -0 are invalid