fielding 97/02/20 15:36:46
Modified: src CHANGES http_protocol.c http_request.c
Log:
Improved handling of TRACE method by bypassing normal method handling
and header parsing routines; fixed Allow response to always allow TRACE.
Submitted by: Dean Gaudet
Reviewed by: Roy Fielding
Revision Changes Path
1.175 +4 -0 apache/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.174
retrieving revision 1.175
diff -C3 -r1.174 -r1.175
*** CHANGES 1997/02/20 06:45:08 1.174
--- CHANGES 1997/02/20 23:36:39 1.175
***************
*** 127,132 ****
--- 127,136 ----
*) Fixed http_protocol to correctly output all HTTP/1.1 headers, including
for the special case of a 304 response. [Paul Sutton]
+ *) Improved handling of TRACE method by bypassing normal method handling
+ and header parsing routines; fixed Allow response to always allow
TRACE.
+ [Dean Gaudet]
+
*) Fixed compiler warnings in the regex library. [Dean Gaudet]
*) Cleaned-up some of the generated HTML. [Ken Coar]
1.104 +10 -1 apache/src/http_protocol.c
Index: http_protocol.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.103
retrieving revision 1.104
diff -C3 -r1.103 -r1.104
*** http_protocol.c 1997/02/20 01:23:23 1.103
--- http_protocol.c 1997/02/20 23:36:39 1.104
***************
*** 992,1000 ****
#endif
}
! char *make_allow(request_rec *r)
{
int allowed = r->allowed;
return 2 + pstrcat(r->pool, (allowed & (1 << M_GET)) ? ", GET, HEAD" :
"",
(allowed & (1 << M_POST)) ? ", POST" : "",
--- 992,1009 ----
#endif
}
! static char *make_allow(request_rec *r)
{
int allowed = r->allowed;
+
+ if( allowed == 0 ) {
+ /* RFC2068 #14.7, Allow must contain at least one method. So rather
+ * than deal with the possibility of trying not to emit an Allow:
+ * header, i.e. #10.4.6 says 405 Method Not Allowed MUST include
+ * an Allow header, we'll just say TRACE is valid.
+ */
+ return( "TRACE" );
+ }
return 2 + pstrcat(r->pool, (allowed & (1 << M_GET)) ? ", GET, HEAD" :
"",
(allowed & (1 << M_POST)) ? ", POST" : "",
1.45 +10 -5 apache/src/http_request.c
Index: http_request.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_request.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -C3 -r1.44 -r1.45
*** http_request.c 1997/02/17 20:16:16 1.44
--- http_request.c 1997/02/20 23:36:40 1.45
***************
*** 870,875 ****
--- 870,884 ----
return;
}
+ /* We don't want TRACE to run through the normal handler set,
+ * we handle it specially.
+ */
+ if (r->method_number == M_TRACE) {
+ send_http_trace (r);
+ finalize_request_protocol (r);
+ return;
+ }
+
if (!r->proxyreq)
{
access_status = unescape_url(r->uri);
***************
*** 960,970 ****
return;
}
! /* We don't want TRACE to run through the normal handler set,
! * we handle it specially.
! */
! if (r->method_number == M_TRACE) send_http_trace (r);
! else if ((access_status = invoke_handler (r)) != 0) {
die (access_status, r);
return;
}
--- 969,975 ----
return;
}
! if ((access_status = invoke_handler (r)) != 0) {
die (access_status, r);
return;
}
