This patch adds a configuration directive "ProxyRequireValidHTTPStatus". When enabled, mod_proxy will require a valid HTTP status line from the destination server and throw a 502 Bad Gateway error if it does not get it. Basicaly, this disallows backasswards reponses.
Why would one want to do this? Well, I have a setup where my handler is first attempting one proxy destination, and if that does not work, it tries another. It works by discarding the output of any response that isn't a 200 and then trying another gateway. If the gateway doesn't return a valid HTTP 1.0 or better status line, mod_proxy assumes a 200 OK response. In my environment, I control all the gateway servers so I know that a working gateway will always give me a real HTTP status line. If it doesn't, I want to consider it a bad gateway and try another. -adam Index: mod_proxy.c =================================================================== RCS file: /home/cvspublic/httpd-2.0/modules/proxy/mod_proxy.c,v retrieving revision 1.76 diff -u -r1.76 mod_proxy.c --- mod_proxy.c 21 Mar 2002 12:05:45 -0000 1.76 +++ mod_proxy.c 30 Mar 2002 01:40:52 -0000 @@ -502,6 +502,7 @@ ps->preserve_host =0; ps->timeout=0; ps->timeout_set=0; + ps->require_valid_http_status=0; return ps; } @@ -833,6 +834,16 @@ } static const char * + set_require_valid_http_status(cmd_parms *parms, void *dummy, int flag) +{ + proxy_server_conf *psf = + ap_get_module_config(parms->server->module_config, &proxy_module); + + psf->require_valid_http_status = flag; + return NULL; +} + +static const char * set_recv_buffer_size(cmd_parms *parms, void *dummy, const char *arg) { proxy_server_conf *psf = @@ -1041,6 +1052,8 @@ AP_INIT_TAKE1("ProxyTimeout", set_proxy_timeout, NULL, RSRC_CONF, "Set the timeout (in seconds) for a proxied connection. " "This overrides the server timeout"), + AP_INIT_FLAG("ProxyRequireValidHTTPStatus", set_require_valid_http_status, NULL, +RSRC_CONF, + "on if proxy should not accept reponses that don't give a valid HTTP 1.0 (or +better) status line"), {NULL} }; Index: mod_proxy.h =================================================================== RCS file: /home/cvspublic/httpd-2.0/modules/proxy/mod_proxy.h,v retrieving revision 1.76 diff -u -r1.76 mod_proxy.h --- mod_proxy.h 13 Mar 2002 20:47:53 -0000 1.76 +++ mod_proxy.h 30 Mar 2002 01:40:52 -0000 @@ -196,6 +196,8 @@ int timeout; int timeout_set; + int require_valid_http_status; + } proxy_server_conf; typedef struct { Index: proxy_http.c =================================================================== RCS file: /home/cvspublic/httpd-2.0/modules/proxy/proxy_http.c,v retrieving revision 1.138 diff -u -r1.138 proxy_http.c --- proxy_http.c 21 Mar 2002 12:05:45 -0000 1.138 +++ proxy_http.c 30 Mar 2002 01:40:52 -0000 @@ -730,6 +730,12 @@ p_conn->close += 1; origin->keepalive = 0; } + } else if (conf->require_valid_http_status) { + apr_socket_close(p_conn->sock); + backend->connection = NULL; + return ap_proxyerror(r, HTTP_BAD_GATEWAY, + apr_pstrcat(p, "Corrupt status line returned by remote " + "server: ", buffer, NULL)); } else { /* an http/0.9 response */ backasswards = 1;