https://bz.apache.org/bugzilla/show_bug.cgi?id=65380
Bug ID: 65380
Summary: "Location" header not covered in
ap_headers_error_filter
Product: Apache httpd-2
Version: 2.4.48
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: mod_headers
Assignee: bugs@httpd.apache.org
Reporter: ronnie.brun...@netcetera.ch
Target Milestone: ---
Created attachment 37896
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37896&action=edit
mod_header.c patch to support Location header in ap_headers_error_filter
http_protocol.c. has special handling for "Location" header in
ap_send_error_response (i.e. take Location from r->headers_out if available and
only fall back to r->err_headers_out if it's not in r->headers_out). And it is
(best) practice to put the Location header in r-> headers_out.
In mod_headers.c ap_headers_error_filter, only the r->err_headers_out are fixed
up (line 893):
/*
* Add any header fields defined by "Header always" to r->err_headers_out.
* Server-wide first, then per-directory to allow overriding.
*/
do_headers_fixup(f->r, f->r->err_headers_out, dirconf->fixup_err, 0);
This effectively prevents manipulation of the Location header on Redirects.
If instead, the special case for the Location header would also be considered
in mod_headers, it could be properly manipulated with
Header always <action> Location
in the config.
The attached patch (untested, not even attempted to comile) could do the trick.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
