Checkout Tools
  • last updated 5 hours ago
Constraints: committers
Constraints: files
Constraints: dates
remove request details from error documents

  1. … 4 more files in changeset.
* include/httpd.h: Define HTTP_TOO_EARLY (425) per RFC 8470.

* modules/http/http_protocol.c (status_lines,

get_canned_error_string): Add 425 response.

  1. … 1 more file in changeset.
http: Enforce consistently no response body with both 204 and 304 statuses.

Provide AP_STATUS_IS_HEADER_ONLY() helper/macro to check for 204 or 304 and

use it where some special treatment is needed when no body is expected.

Some of those places handled 204 only.

  1. … 9 more files in changeset.
http_protocol.c: avoid duplicate headers when using


While debugging PR 61860 I found a chain of events

that leads to duplicate headers in the HTTP response

if Header always set is used in the httpd's config.

As far as can understand, mod_headers uses err_headers_out

when dealing with the 'always' setting, since it is expected

to be preserved even on error. The current code seems

to correctly preserve the important headers like Location

(happening before the bit of code that changed), but then

it swaps headers_out with err_headers_out and clears

err_headers_out. My understanding is that this will cause

mod_headers, if called again, to re-insert the headers

set via 'always' again in err_headers_out, leading to a

duplication in the response. So far I managed to reproduce this

only with the specific use case outlined by the PR, but

there might be more.

r1831585 was added to the test suite for PR 61860,

(marked as TODO), and now it seems to pass as expected.

Since this part of the codebase has been working fine

for years I was reluctant to change it, but it seems

the right change to me. I didn't run into any regression

while testing this change (including running the test suite),

but as always I'd be glad to get feedback from a more expert

eye. If I missed a clear regression I'll make sure to

add it to the test suite as part of the follow up.

Since r1753257, "HEAD" method is registered into the registry hash with the M_GET ID.

(r1757672 in 2.4.x)

We iterate over all the values of the registery, so there is no need anymore to have a special case for "HEAD" in 'make_allow()'. It has its own entry now.

With the current code, we have "HEAD" 3 times in the Allow Header field.

This is because we find M_GET 2 times in the registry hash. The first one gives "GET" and "HEAD" (as the special handling), and the second "HEAD" and "HEAD" (as the special handling).

BTW, use APR_ARRAY_PUSH instead of hand coding it, in oder to have the code more readable.

PR 61207

addendum to r1769760 to make it generate 100 status lines
http: Allow unknown response status' lines returned in the form of:

HTTP/x.x xxx Status xxx

  1. … 2 more files in changeset.
A whole lotta nope, if you implement HTCPCP then register your methods in init
  1. … 1 more file in changeset.
Restore 'HEAD' method as a special case of GET with the common ID
The method_registry is initialized in register_hooks() for mod_http
Simplify; this code is executed one per request processed, saving

an immeasurably small quantum of CPU of a server under load.

Add 451... Needed to adjust RESPONSE_CODES which

was not in the provided patch

BUGZ# 58985

  1. … 1 more file in changeset.
Use 'ap_array_str_contains' to simplify code.
http, mod_ssl: Introduce and return the 421 (Misdirected Request) status code

for clients requesting a hostname on a reused connection whose SNI (from the

TLS handshake) does not match.

PR 5802.

This allows HTTP/2 clients to fall back to a new connection as per:

Proposed by: Stefan Eissing <stefan>

Reviewed by: ylavic

  1. … 2 more files in changeset.
http: Add support for RFC2324/RFC7168.

Sample implementation:

  1. … 3 more files in changeset.
* Fix If-Match handling:

- We need to fail if we do NOT match.

- ETag comparison only makes sense if we have an ETag

PR: 57358

Submitted by: Kunihiko Sakamoto <ksakamoto>

Reviewed by: rpluem

  1. … 1 more file in changeset.
fix logic in ap_method_list_(add|remove) in order:

- to correctly reset bits

- not to modify the 'method_mask' bitfield unnecessarily

Also remove a useless 'register' in the declaration of a variable.

  1. … 1 more file in changeset.
Include any error notes set by modules in the canned error

response for 403 errors.

  1. … 1 more file in changeset.
core, mod_cache: Ensure RFC2616 compliance in ap_meets_conditions()

with weak validation combined with If-Range and Range headers. Break

out explicit conditional header checks to be useable elsewhere in the

server. Ensure weak validation RFC compliance in the byteranges filter.

Ensure RFC validation compliance when serving cached entities. PR 16142

  1. … 6 more files in changeset.
core: Add the ability to do explicit matching on weak and strong ETags

as per RFC2616 Section 13.3.3.

  1. … 4 more files in changeset.
Various code clean up

Submitted by: Christophe JAILLET <christophe jaillet wanadoo fr>

PR: 52893

  1. … 8 more files in changeset.
Add missing HTTP status codes taken from

The new codes are now known and some canned error

strings are provided. The web server does not yet actually

produce them in responses or reacts on getting them

from an origin server when acting as a proxy or gateway.

  1. … 2 more files in changeset.
Add lots of unique tags to error log messages

  1. … 172 more files in changeset.
Cleanup effort in prep for GA push:

Trim trailing whitespace... no func change

  1. … 118 more files in changeset.
refactor to pull setting of Accept-Ranges header into http_protocol.c which

had been copied to other handlers.

  1. … 7 more files in changeset.
Introduce ap_(get|set)_core_module_config() functions/macros and use them


We know that the core module has module_index 0. Therefore we can save

some pointer operations in ap_get_module_config(cv, &core_module) and

ap_set_module_config(cv, &core_module, val). As these are called rather often,

this may actually have some (small) measurable effect.

  1. … 42 more files in changeset.
Reverted r1040177 due to Joe's objection.

Supress compiler warning.

Phrasing changes recommended by Jack Dozier. Bug #50145

Take a slightly less "you broke it!!" tone in the default 500 Internal

Server Error default error message. (Bug #50145)