util_script.c

Checkout Tools
  • last updated 1 hour ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 103971 is being indexed.

* server/util_script.c (ap_scan_script_header_err_core): Set

Content-Range in r->headers_out, so that the byterange filter knows to

do nothing for a CGI script which produced a content-range.

:set tabstop=8

:retab

(no code changes)

fix name of The Apache Software Foundation

  1. … 174 more files in changeset.
fix copyright dates according to the first check in

  1. … 16 more files in changeset.
apply Apache License, Version 2.0

  1. … 262 more files in changeset.
update license to 2004.

  1. … 281 more files in changeset.
stop using apr_sockaddr_port_get() accessor function, as it will

disappear from APR 1.0 API shortly

  1. … 5 more files in changeset.
switch to APR 1.0 API (which is still in flux)

because of the changes to the argument lists of apr_mmap_dup and apr_socket_create,

2.1-dev won't build with apr and apr-util's 0.9 branch anymore

  1. … 42 more files in changeset.
Remember an authenticated user during internal redirects if the

redirection target is not access protected and pass it

to scripts using the REDIRECT_REMOTE_USER environment variable.

PR: 10678, 11602.

  1. … 2 more files in changeset.
finished that boring job:

update license to 2003.

Happy New Year! ;-))

  1. … 271 more files in changeset.
*) SECURITY: [CAN-2002-0840] HTML-escape the address produced by

ap_server_signature() against this cross-site scripting

vulnerability exposed by the directive 'UseCanonicalName Off'.

Also HTML-escape the SERVER_NAME environment variable for CGI

and SSI requests. It's safe to escape as only the '<', '>',

and '&' characters are affected, which won't appear in a valid

hostname. Reported by Matthew Murphy <mattmurphy@kc.rr.com>.

[Brian Pane]

  1. … 2 more files in changeset.

Use apr_ flavors of ischar()

stop using APLOG_NOERRNO in calls to ap_log_?error()

  1. … 24 more files in changeset.
Added the APLOG_TOCLIENT flag to ap_log_rerror() to

explicitly tell the server that warning messages should be sent

to the client in addition to being recorded in the error log.

Prior to this change, ap_log_rerror() always sent warning

messages to the client. In one case, a faulty CGI script caused

the server to send a warning message to the client that contained

the full path to the CGI script. This could be considered a

minor security exposure.

  1. … 3 more files in changeset.
Handle CR/LF terminated lines from CGI scripts.

Reviewed by: Brian Pane

Fix for a bug that I introduced when eliminating the single-byte

reads in mod_cgi: eof wasn't treated as an error condition when

reading the script headers, so we were delivering a 200 when a

CGI script produced no output.

Changed mod_cgi to not do single-byte reads to consume the

script headers

  1. … 4 more files in changeset.
Commit 2 of 2 to:

1. rename ap_rset_content_type to ap_set_content_type

2. reverse the arguments to aligh with ap_set_content_length

  1. … 2 more files in changeset.
Final commit to add ap_rset_content_type accessor. Add AddOutputFiltersbyType

filters during call to ap_rset_content_type()

  1. … 4 more files in changeset.
Update our copyright for this year.

  1. … 260 more files in changeset.
Optimization: changed some apr_pstrndup calls to apr_pstrmemdup

  1. … 1 more file in changeset.
optimize ap_add_common_vars() for the common case where r->subprocess_env is empty

minor performance fix for ap_add_common_vars(): replace printf with apr_itoa()

Begin to abstract out the underlying transport layer.

The first step is to remove the socket from the conn_rec,

the server now lives in a context that is passed to the

core's input and output filters. This forces us to be very

careful when adding calls that use the socket directly,

because the socket isn't available in most locations.

  1. … 18 more files in changeset.
This patch changes the apr_table_elts macro so that it provides

access to the internals of an apr_table_t via a const pointer

instead of the current non-const pointer.

Submitted by: Brian Pane <BPane@pacbell.net>

Reviewed by: Ian Holsman

  1. … 10 more files in changeset.
Improve http2env's performance by cutting the work it has to

do.

Submitted by: Brian Pane <bpane@pacbell.net>

  1. … 1 more file in changeset.

PATHEXT is a critial Win32 cmd.exe variable that declares _which_ extensions

are given command-name status (such as .exe;.bat;.com;.cmd etc.)

This patch is insufficient (highlights an existing problem) for OS2 and

Netware, especially, and any other platform with odd native requirements

for the PATH_TRANSLATED variable (where it should look like a filesystem

entity for non-unixish cgi's.)

Back out the 1.45 change to util_script.c. This change made

us set the environment variable REQUEST_URI to the redirected

URI, instead of the originally requested URI.

PR: 7580

Submitted by: Taketo Kabe <kabe@sra-tohoku.co.jp>

  1. … 1 more file in changeset.

Why two ifdef blocks? This is simpler to read