Re: Preventing Path Traversal Attack

2014-12-08 Thread Justin Kennedy
Hi Yann, The variable r is the request_rec that is passed into the module's handler hook. Based on my testing, r->unparsed_uri does indeed have a space (it's not encoded to %20). I need to compare against an unparsed URI because r->uri is vulnerable to a path traversal attack. For instance, this:

Re: Preventing Path Traversal Attack

2014-12-08 Thread Yann Ylavic
Hi Justin, On Mon, Dec 8, 2014 at 3:07 PM, Justin Kennedy jkenn...@pingidentity.com wrote: The variable r is the request_rec that is passed into the module's handler hook. Based on my testing, r->unparsed_uri does indeed have a space (it's not encoded to %20). As I said in my previous message,

Re: Preventing Path Traversal Attack

2014-12-08 Thread Yann Ylavic
On Mon, Dec 8, 2014 at 4:30 PM, Yann Ylavic ylavic@gmail.com wrote: I need to compare against an unparsed URI because r->uri is vulnerable to a path traversal attack. For instance, this: http://abc.me/unprotected_path/../protected_path becomes: http://abc.me/protected_path I don't see

server/util_expr_(parse|scan) generated sources files

2014-12-08 Thread Yann Ylavic
Hi, commit r1642154 modified server/util_expr_parse.y, hence server/util_expr_parse.c and server/util_expr_parse.h are re-generated by bison during make. However these .[ch] are also committed in the svn repository... There is also the same issue with server/util_expr_scan.l wrt

Re: server/util_expr_(parse|scan) generated sources files

2014-12-08 Thread Gregg Smith
Hi Yann, Commit the newly generated files please. Regards, Gregg On 12/8/2014 9:18 AM, Yann Ylavic wrote: Hi, commit r1642154 modified server/util_expr_parse.y, hence server/util_expr_parse.c and server/util_expr_parse.h are re-generated by bison during make. However these .[ch] are also

Re: server/util_expr_(parse|scan) generated sources files

2014-12-08 Thread Yann Ylavic
OK, thanks. Done in r1643900. On Mon, Dec 8, 2014 at 7:33 PM, Gregg Smith g...@gknw.net wrote: Hi Yann, Commit the newly generated files please. Regards, Gregg On 12/8/2014 9:18 AM, Yann Ylavic wrote: Hi, commit r1642154 modified server/util_expr_parse.y, hence

Re: svn commit: r1643900 - in /httpd/httpd/trunk/server: util_expr_parse.c util_expr_parse.h

2014-12-08 Thread Ruediger Pluem
On 12/08/2014 08:46 PM, yla...@apache.org wrote: Author: ylavic Date: Mon Dec 8 19:46:53 2014 New Revision: 1643900 URL: http://svn.apache.org/r1643900 Log: util_expr: sync bison generated source files with server/util_expr_parse.y. Modified:

Re: svn commit: r1643900 - in /httpd/httpd/trunk/server: util_expr_parse.c util_expr_parse.h

2014-12-08 Thread Yann Ylavic
On Mon, Dec 8, 2014 at 8:46 PM, yla...@apache.org wrote: Author: ylavic Date: Mon Dec 8 19:46:53 2014 New Revision: 1643900 URL: http://svn.apache.org/r1643900 Log: util_expr: sync bison generated source files with server/util_expr_parse.y. Modified:

Re: svn commit: r1643900 - in /httpd/httpd/trunk/server: util_expr_parse.c util_expr_parse.h

2014-12-08 Thread Yann Ylavic
On Mon, Dec 8, 2014 at 8:59 PM, Ruediger Pluem rpl...@apache.org wrote: On 12/08/2014 08:46 PM, yla...@apache.org wrote: Author: ylavic Date: Mon Dec 8 19:46:53 2014 New Revision: 1643900 URL: http://svn.apache.org/r1643900 Log: util_expr: sync bison generated source files with

Re: svn commit: r1643900 - in /httpd/httpd/trunk/server: util_expr_parse.c util_expr_parse.h

2014-12-08 Thread Yann Ylavic
Reverted in r1643901. On Mon, Dec 8, 2014 at 9:01 PM, Yann Ylavic ylavic@gmail.com wrote: On Mon, Dec 8, 2014 at 8:59 PM, Ruediger Pluem rpl...@apache.org wrote: On 12/08/2014 08:46 PM, yla...@apache.org wrote: Author: ylavic Date: Mon Dec 8 19:46:53 2014 New Revision: 1643900 URL:

Re: server/util_expr_(parse|scan) generated sources files

2014-12-08 Thread Yann Ylavic
Reverted in r1643901. Someone with a bison version above 2.7.12-4996 should do this (mine is 2.5). On Mon, Dec 8, 2014 at 8:48 PM, Yann Ylavic ylavic@gmail.com wrote: OK, thanks. Done in r1643900. On Mon, Dec 8, 2014 at 7:33 PM, Gregg Smith g...@gknw.net wrote: Hi Yann, Commit the

Re: server/util_expr_(parse|scan) generated sources files

2014-12-08 Thread Eric Covener
On Mon, Dec 8, 2014 at 3:12 PM, Yann Ylavic ylavic@gmail.com wrote: Reverted in r1643901. Someone with a bison version above 2.7.12-4996 should do this (mine is 2.5). Every system I try, it leaps from 2.4 to 3.0. Maybe best to just make the jump forward now?

Re: server/util_expr_(parse|scan) generated sources files

2014-12-08 Thread Yann Ylavic
On Mon, Dec 8, 2014 at 9:16 PM, Eric Covener cove...@gmail.com wrote: On Mon, Dec 8, 2014 at 3:12 PM, Yann Ylavic ylavic@gmail.com wrote: Reverted in r1643901. Someone with a bison version above 2.7.12-4996 should do this (mine is 2.5). Every system I try, it leaps from 2.4 to 3.0. Maybe

Re: mod_proxy_fcgi issues

2014-12-08 Thread Jim Jagielski
I still DO have PHP commit! :) On Dec 4, 2014, at 1:27 PM, Eric Covener cove...@gmail.com wrote: On Thu, Dec 4, 2014 at 1:11 PM, Jim Riggs apache-li...@riggs.me wrote: This all may certainly be true, but I just for clarity's sake (since it was my quote that started this new mod_proxy_fcgi

Re: svn commit: r1643929 - /httpd/httpd/trunk/server/util_expr_parse.c

2014-12-08 Thread Yann Ylavic
On Mon, Dec 8, 2014 at 10:20 PM, yla...@apache.org wrote: Author: ylavic Date: Mon Dec 8 21:20:50 2014 New Revision: 1643929 URL: http://svn.apache.org/r1643929 Log: Revert util_expr: sync bison generated source files with server/util_expr_parse.y from r1642154. Modified:

Re: server/util_expr_(parse|scan) generated sources files

2014-12-08 Thread Yann Ylavic
Finally committed in r1643929, generated by bison-2.7.1. On Mon, Dec 8, 2014 at 9:12 PM, Yann Ylavic ylavic@gmail.com wrote: Reverted in r1643901. Someone with a bison version above 2.7.12-4996 should do this (mine is 2.5). On Mon, Dec 8, 2014 at 8:48 PM, Yann Ylavic

Re: ApacheCon Austin, httpd track

2014-12-08 Thread Rich Bowen
On 12/04/2014 10:23 AM, Jeff Trawick wrote: Besides searching through Bugzilla and summarizing each mod_proxy_fcgi bug and ranking by apparent severity, number of users involved in the bug discussion, etc., what else should I put on a Wiki page? E.g., do you have an idea of what needs to be

Re: svn commit: r1642851 - in /httpd/httpd/branches/2.4.x: ./ STATUS server/scoreboard.c

2014-12-08 Thread Christophe JAILLET
Ping. On 03/12/2014 07:19, Christophe JAILLET wrote: Hi, should the same logic be applied in: - ap_increment_counts (at line 367) ? (code looks like in ap_time_process_request where the 0 test is done) CJ On 02/12/2014 13:42, j...@apache.org wrote: Author: jim Date: Tue Dec 2

Re: server/util_expr_(parse|scan) generated sources files

2014-12-08 Thread Jan Kaluža
On 12/08/2014 10:29 PM, Yann Ylavic wrote: Finally committed in r1643929, generated by bison-2.7.1. Thanks Yann! Regards, Jan Kaluza On Mon, Dec 8, 2014 at 9:12 PM, Yann Ylavic ylavic@gmail.com wrote: Reverted in r1643901. Someone with a bison version above 2.7.12-4996 should do this