https://issues.apache.org/bugzilla/show_bug.cgi?id=50823
--- Comment #8 from Stefan Fritsch <[email protected]> 2012-04-18 21:15:50 UTC --- I admit that my comment was not very helpful for a non-developer. What happens if an http request arrives on an https port is that openssl consumes part of the request, recognizes that it was http and not ssl, and returns an error code to httpd. Since the full request is not available any more, httpd then injects a fake HTTP 0.9 request so that it can use its usual request machinery to send an error response. What my patch does is change the fake HTTP request from HTTP 0.9 to 1.0. This requires adding the protocol version and the CR/LF that separates the headers from the body. Due to the internal workings, these two parts have to be inserted at different points. The result is that you will get a HTTP/1.0 response with a proper 400 bad request status line. As I understand it, this should already help a lot with search engines indexing that page. About the error message itself, I would say that if we can't be sure that the link we send is correct, we should rather send no link at all. As mentioned above, parsing the request for the Host header is not that easy at that point because openssl has already eaten part of it. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
