Bug report for Apache httpd-1.3 [2004/04/25]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=CriticalMAJ=Major | | | | MIN=Minor NOR=Normal ENH=Enhancement | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | | 7741|New|Nor|2002-04-04|some directives may be placed outside of proper co| | 7982|New|Maj|2002-04-11|mod_rewrite URL string empty when passed unicoded | | 8311|Opn|Nor|2002-04-19|error in PUT directive gives confusing error messa| | 8329|New|Nor|2002-04-20|mime_magic gives 500 and no error_log on Microsoft| | 8372|Ass|Nor|2002-04-22|Threadsaftey issue in Rewrite's cache [Win32/OS2/N| | 8849|New|Nor|2002-05-07|make install errors as root on NFS shares | | 8882|New|Enh|2002-05-07|[PATCH] mod_rewrite communicates with external rew| | 9037|New|Min|2002-05-13|Slow performance when acessing an unresolved IP ad| | 9126|New|Blk|2002-05-15|68k-next-openstep v. 4.0 | | 9726|New|Min|2002-06-09|Double quotes should be flagged as T_HTTP_TOKEN_ST| | 9894|New|Maj|2002-06-16|getline sub in support progs collides with existin| | |New|Nor|2002-06-19|Incorrect default manualdir value with layout.| |10038|New|Min|2002-06-20|ab benchmaker hangs on 10K https URLs with keepali| |10073|New|Maj|2002-06-20|upgrade from 1.3.24 to 1.3.26 breaks include direc| |10169|New|Nor|2002-06-24|Apache seg faults due to attempt to access out of | |10178|New|Maj|2002-06-24|Proxy server cuts off begining of buffer when spec| |10195|New|Nor|2002-06-24|Configure script erroneously detects system Expat | |10199|New|Nor|2002-06-24|Configure can't handle directory names with unders| |10243|New|Maj|2002-06-26|CGI scripts not getting POST data | |10354|New|Nor|2002-06-30|ErrorDocument(.htaccess) fails when passed URL wit| |10470|New|Cri|2002-07-04|proxy module will not correctly serve mixed case f| |10666|New|Enh|2002-07-10|line-end comment error message missing file name | |10744|New|Nor|2002-07-12|suexec might fail to open log file| |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |10760|New|Maj|2002-07-12|empty ftp directory listings from cached ftp direc| |10890|New|Cri|2002-07-17|if et locale is used, configure fails | |10939|New|Maj|2002-07-18|directory listing errors | |11020|New|Maj|2002-07-21|APXS only recognise tests made by ./configure | |11236|New|Min|2002-07-27|Possible Log exhaustion bug? | |11265|New|Blk|2002-07-29|mod_rewrite fails to encode special characters| |11765|New|Nor|2002-08-16|.apaci.install.tmp installs in existing httpd.conf| |11986|New|Nor|2002-08-23|Restart hangs when piping logs on rotation log pro| |11993|Opn|Cri|2002-08-23|PDFs served through ProxyPass show up blank | |12096|New|Nor|2002-08-27|apxs does not handle binary dists installed at non| |12391|New|Maj|2002-09-07|DBM_LIB should be blank for OS X 10.2 | |12551|New|Nor|2002-09-11|mod_proxy fails to shutdown when client cancels | |12574|New|Nor|2002-09-12|Broken images comes from mod_proxy when caching ww| |12583|New|Nor|2002-09-12|First piped log process do not handle SIGTERM | |12598|New|Maj|2002-09-12|Apache hanging in Keepalive State | |13120|New|Cri|2002-09-29|CGI procs defunctioning | |13188|New|Nor|2002-10-02|does not configure correctly for hppa64-hp-hpux11.| |13274|Ass|Nor|2002-10-04|Subsequent requests are destroyed by the request e| |13577|New|Nor|2002-10-13|mod_proxy mangles query string| |13607|Opn|Enh|2002-10-14|Catch-all enhancement for vhost_alias?| |13687|New|Min|2002-10-16|Leave Debug symbol on Darwin | |13822|New|Maj|2002-10-21|Problem while running Perl modules accessing CGI::| |14031|New|Nor|2002-10-29|POST handling for multi part forms incorrect | |14095|Opn|Nor|2002-10-30|Change default Content-Type (DefaultType) in defau| |14250|New|Maj|2002-11-05|Alternate UserDirs don't work intermittantly | |14358|New|Enh|2002-11-07|rotatelogs using TZ settings | |14443|New|Maj|2002-11-11|Keep-Alive randomly causes TCP RSTs |
Bug report for Apache httpd-2.0 [2004/04/25]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=CriticalMAJ=Major | | | | MIN=Minor NOR=Normal ENH=Enhancement | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | | 7483|Ass|Enh|2002-03-26|Add FileAction directive to assign a cgi interpret| | 7862|New|Enh|2002-04-09|suexec never log a group name.| | 8167|New|Min|2002-04-16|--with-module does not build MODULE_DIRS correctly| | 8483|Opn|Min|2002-04-24|apache_2.0 .msi installer breaks .log and .conf fi| | 8500|Ass|Cri|2002-04-25|authorization user does not logged| | 8713|New|Min|2002-05-01|No Errorlog on PROPFIND/Depth:Infinity| | 8867|Opn|Cri|2002-05-07|exports.c generation fails when using a symlink to| | 8880|New|Enh|2002-05-07|AcceptPathInfo does not apply to DirectoryIndex fi| | 8925|New|Cri|2002-05-09|Service Install (win32 .msi/.exe) fails for port i| | 8993|Opn|Nor|2002-05-10|openssl library location(s) are hardcoded in confi| | 9046|New|Min|2002-05-13|Cleaned up PNG/MNG converted icons| | 9484|New|Enh|2002-05-29|Dynamic ServerAdmin configuration | | 9513|Opn|Nor|2002-05-30|Missing start menu items | | 9656|New|Nor|2002-06-06|Support of FTP Proxy only partially documented| | 9727|New|Min|2002-06-09|Double quotes should be flagged as T_HTTP_TOKEN_ST| | 9945|New|Enh|2002-06-18|[PATCH] new funtionality for apache bench | |10114|Ass|Enh|2002-06-21|Negotiation gives no weight to order, only q value| |10154|Ass|Nor|2002-06-23|ApacheMonitor interferes with service uninstall/re| |10575|New|Enh|2002-07-09|no option to autoindex auth protected files/folder| |10598|Opn|Nor|2002-07-09|Apache will break down files bigger than 64KB | |10722|New|Nor|2002-07-12|ProxyPassReverse doesn't change cookie paths | |10775|Ass|Cri|2002-07-13|SCRIPT_NAME wrong value | |11000|New|Enh|2002-07-20|Mutex permission problems: configuration template | |11035|New|Min|2002-07-22|Apache adds double entries to headers generated by| |11259|New|Enh|2002-07-29|'make install' should provide a deinstaller | |11294|New|Enh|2002-07-30|desired vhost_alias option| |11331|New|Cri|2002-07-31|stale cgi process entries when using suexec | |11427|Opn|Maj|2002-08-02|Possible Memory Leak in CGI script invocation | |11514|New|Maj|2002-08-07|worker MPM stalls on UnixWare 7.11| |11521|New|Nor|2002-08-07|Addition of Japanese error message | |11540|New|Nor|2002-08-07|ProxyTimeout ignored | |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |11660|New|Enh|2002-08-13|a New Hebrew Translation for Test Page for Apache| |11960|New|Maj|2002-08-23|Apache default config doesn't include uk langauge | |12033|Opn|Nor|2002-08-26|Graceful restart immidiately result in [warn] long| |12187|Opn|Blk|2002-08-30|Standard config with perchild; Apache is blocked | |12340|Opn|Nor|2002-09-05|WindowsXP proxy, child process exited with status | |12355|Opn|Nor|2002-09-06|SSLVerifyClient directive in location make post to| |12426|Ass|Nor|2002-09-09|mod_proxy broken under high load ?| |12625|New|Enh|2002-09-13|[PATCH] Restoration of mod_ssl compatibility env v| |12680|New|Enh|2002-09-16|Digest authentication with integrity protection | |12885|New|Enh|2002-09-20|windows 2000 build information: mod_ssl, bison, et| |12894|New|Nor|2002-09-21|not assuming the DEFAULTTYPE for PHP files without| |12981|New|Nor|2002-09-25|Apache Bench can't take binary post data | |13029|New|Nor|2002-09-26|failure to generate StdEnvVars depending on charse| |13101|New|Cri|2002-09-27|Using mod_ext_filter with mod_proxy and http/1.1 c| |13272|Opn|Nor|2002-10-04|Documentation doesn't mention that SSL is not in b| |13328|New|Nor|2002-10-05|Apache kills processgroup.| |13343|New|Maj|2002-10-06|Apache2 dies if signal HUP is sent to master proce| |13368|New|Maj|2002-10-07|IIS prevents Apache from starting (missing -w opti| |13507|New|Enh|2002-10-10|capturing stderr from mod_cgi |
Re: mod_proxy distinguish cookies?
On Sat, 24 Apr 2004, Neil Gunton wrote: Neil Gunton wrote: Hi all, I apologise in advance if this is obvious or otherwise been answered elsewhere, but I can't seem to find any reference to it. I am using Apache 1.3.29 with mod_perl, on Linux 2.4. I am running mod_proxy as a caching reverse proxy front end, and mod_perl on the backend. This works really well, but I have noticed that mod_proxy does not seem to be able to distinguish requests as being different if the URLs are the same, but they contain different cookies. I would like to be able to enable more personalization on my site, which would best be done using cookies. The problem is that when a page has an expiration greater than 'now', then any request to the same URL will get the cache version, even if the requests have different cookies. Currently I have to pass options around as part of the URL in order to make the requests look different to mod_proxy. Am I missing something here? Or, will this be included in either future versions of mod_proxy or the equivalent module in Apache 2.x? Any insights greatly appreciated. I should perhaps make clear that I do have cookies working through the proxy just fine, for pages that are set to be 'no-cache'. So this isn't an issue with the proxy being able to pass cookies to/from the backend and browser (which I think I have seen mentioned before as a bugfix), but rather with mod_proxy simply being able to distinguish otherwise identical URL requests that have different cookies, and cache those as different requests. So for example, the request GET /somedir/somepage.html?xxx=yyy passed with a cookie that value 'pics=small' should be seen as different from another identical request, but with cookie value 'pics=large'. Currently my tests indicate that mod_proxy returns the same cached page for each request. I assume that mod_proxy only checks the actual request string, and not the HTTP header which contains the cookie. Obviously, under this scheme, if you were using cookies to track sessions then all requests would get passed to the backend server - so, perhaps it would be a nice additional feature to be able to configure, through httpd.conf, how mod_proxy (or its successor) pays attention to cookies. For example, you might say something to the effect of ignore this cookie or differentiate requests using this cookie. Then we could have sitewide options like e.g. 'pics' (to set what size pictures are shown), and this could be used to distinguish cached pages, but other cookies might be ignored on some pages. This would allow for more flexibility, with some cached pages being sensitive to cookies, while others are not. An obvious way this would be useful is in the use of login cookies. These will be passed in by the browser for every page on the site, but this doesn't mean we want to distinguish cached pages based on it for every page. Some user-specific pages would have 'no-cache' set, while other pages could be set to ignore this login cookie, thus gaining the benefits of the proxy caching. This would be useful for pages that have no user-specific or personalizable aspects - they could be cached regardless of who is logged in. Sorry if this wasn't clear from the original post, just wanted to clarify and expand... any advice on this would be VERY welcomed, since my options with personalization are currently rather limited. Also, if this is actually addressed to the wrong list for some reason then a pointer would be much appreciated... mod_accel ( http://sysoev.ru/en/ ) allows to take cookies into account while caching: AccelCacheCookie some_cookie_name another_cookie_name You can set it on per-location basis. Besides, my upcoming light-weight http and reverse proxy server nginx will allow to do it too. Igor Sysoev http://sysoev.ru/en/
Re: [PATCH] RFC: Allow modification/deletion of specific headers in apr_table_t
On Apr 21, 2004, at 9:11 AM, Sumeet Singh wrote: Hi, In my use-case I am dealing with multiple headers with the same key (e.g. Cookie), and need to modify or remove a specific header based on its key and value (e.g. remove a certain cookie header while leaving the rest in). There is no api in apr_tables that would allow me to remove a given header instance. apr_table_unset will remove all cookies. And I can't have my code remove a header from the apr_array_table_t array because that will render the internal hash index incorrect. Secondly, eventhough I can modify the value of a specific header by iterating over the apr_array_header_t, that would be inefficient because I wouldn't be able to use the internal index_first and index_last values. Therefore I have written three functions (patch files attached) and am hoping that the powers-that-be will be willing to review and roll them into the APR codeline. 1) apr_table_set_one (apr_table_t *t, const char *key, const char *oldVal, const char *newVal) replaces value of header key and value oldVal with value newVal. If oldVal is null, then the first occurance of the header is replaces (this is an optimization for situations where we know that only one header exists and don't care about its current value). If the header is not found, then it behaves like apr_table_add. I finally got a chance to read through the patch. The code makes sense, but I have a question: will apr_table_set_one and apr_table_unset_one provide all the functionality you need? Using Cookie and Set-Cookie headers as an example, it seems like an exact match on the oldVal wouldn't be sufficient. If your response headers include something like this: Content-Type; text/html Set-Cookie: userID=1; max-age=86400; domain=.example.com Cache-Control: private Set-Cookie: sessionID=54321; max-age=1800; domain=.example.com and you want to change or remove the userID cookie, it's a lot easier to do a prefix match on userID= than on the entire value of that table entry. (If that table entry was set by some other module, we may not know what the full value of that entry is.) In the general case, an application might need to: 1. iterate through all the elements in a table that match a given key, 2. selectively modify the value of one or more of the matching elements, or delete one or more of the matching elements, 3. and optionally stop iterating based on some application-defined criteria. This sounds a lot like apr_table_do, except that apr_table_do doesn't allow modification of the table elements. If there were a variant of apr_table_do that allowed modification of the value (but not the key) of visited elements, and the deletion of visited elements, would that work for your application? Brian
Proposal: AP_FTYPE_PREPROCESS
Content-transforming filters are a major and increasingly-popular application of Apache, and serve many purposes. Implementing major functionality in an output filter rather than a handler has the great advantage of making it re-usable with different handlers, including mod_proxy. The place for such filters is of course AP_FTYPE_RESOURCE. But they may often require a pre-processing step. My recent update to mod_deflate provides a filter to decompress gzipped content for manipulation by a content-transforming filter. In the context of a proxy, this pre-processing can only happen in an output filter. I hacked this in mod_deflate by declaring the gunzip filter as of AP_FTYPE_RESOURCE-1. There are many similar situations. My own work in progress includes decoding image formats for an image processing filter, and is likely to include an error-recovering iconv filter to ensure graceful recovery when proxying content containing bogus characters through a markup filter. Rather than use hacks like AP_FTYPE_RESOURCE-1, would it not be better to introduce a new output filter type AP_FTYPE_PREPROCESS below RESOURCE for this kind of application? -- Nick Kew Nick's manifesto: http://www.htmlhelp.com/~nick/
Exception handling and MPMs
I'm writing a jpeg module, using libjpeg to implement cjpeg/djpeg filters. Looking at error handling, I find that libjpeg by default exits on fatal error. This can be overridden with a setjmp/longjmp construct. However, I seriously doubt setjmp/longjmp is safe with threaded MPMs, and there's no apr_setjmp. So that's not an attractive option. It seems that other libraries inherit this behaviour. For example, gd does both the above, and is harder to override than libjpeg, so that doesn't help. An alternative might be to use C++ try/catch, with a throw() in the fatal-error handler. This seems to offer the compiler more scope for generating thread-safe code than setjmp/longjmp, but I really don't know if that's wishful thinking ... Where do I stand using either setjmp/longjmp or try/throw/catch with different MPMs? -- Nick Kew Nick's manifesto: http://www.htmlhelp.com/~nick/
Re: [PATCH] RFC: Allow modification/deletion of specific headers in apr_table_t
Brian Pane wrote: On Apr 21, 2004, at 9:11 AM, Sumeet Singh wrote: Hi, In my use-case I am dealing with multiple headers with the same key (e.g. Cookie), and need to modify or remove a specific header based on its key and value (e.g. remove a certain cookie header while leaving the rest in). There is no api in apr_tables that would allow me to remove a given header instance. apr_table_unset will remove all cookies. And I can't have my code remove a header from the apr_array_table_t array because that will render the internal hash index incorrect. Secondly, eventhough I can modify the value of a specific header by iterating over the apr_array_header_t, that would be inefficient because I wouldn't be able to use the internal index_first and index_last values. Therefore I have written three functions (patch files attached) and am hoping that the powers-that-be will be willing to review and roll them into the APR codeline. 1) apr_table_set_one (apr_table_t *t, const char *key, const char *oldVal, const char *newVal) replaces value of header key and value oldVal with value newVal. If oldVal is null, then the first occurance of the header is replaces (this is an optimization for situations where we know that only one header exists and don't care about its current value). If the header is not found, then it behaves like apr_table_add. I finally got a chance to read through the patch. The code makes sense, but I have a question: will apr_table_set_one and apr_table_unset_one provide all the functionality you need? Using Cookie and Set-Cookie headers as an example, it seems like an exact match on the oldVal wouldn't be sufficient. If your response headers include something like this: Content-Type; text/html Set-Cookie: userID=1; max-age=86400; domain=.example.com Cache-Control: private Set-Cookie: sessionID=54321; max-age=1800; domain=.example.com and you want to change or remove the userID cookie, it's a lot easier to do a prefix match on userID= than on the entire value of that table entry. (If that table entry was set by some other module, we may not know what the full value of that entry is.) That's a good point. In the general case, an application might need to: 1. iterate through all the elements in a table that match a given key, 2. selectively modify the value of one or more of the matching elements, or delete one or more of the matching elements, 3. and optionally stop iterating based on some application-defined criteria. Agreed. This sounds a lot like apr_table_do, except that apr_table_do doesn't allow modification of the table elements. If there were a variant of apr_table_do that allowed modification of the value (but not the key) of visited elements, and the deletion of visited elements, would that work for your application? Yes that should suffice. Thanks. -sumeet Brian
