https://bz.apache.org/bugzilla/show_bug.cgi?id=65380
Bug ID: 65380 Summary: "Location" header not covered in ap_headers_error_filter Product: Apache httpd-2 Version: 2.4.48 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: mod_headers Assignee: bugs@httpd.apache.org Reporter: ronnie.brun...@netcetera.ch Target Milestone: --- Created attachment 37896 --> https://bz.apache.org/bugzilla/attachment.cgi?id=37896&action=edit mod_header.c patch to support Location header in ap_headers_error_filter http_protocol.c. has special handling for "Location" header in ap_send_error_response (i.e. take Location from r->headers_out if available and only fall back to r->err_headers_out if it's not in r->headers_out). And it is (best) practice to put the Location header in r-> headers_out. In mod_headers.c ap_headers_error_filter, only the r->err_headers_out are fixed up (line 893): /* * Add any header fields defined by "Header always" to r->err_headers_out. * Server-wide first, then per-directory to allow overriding. */ do_headers_fixup(f->r, f->r->err_headers_out, dirconf->fixup_err, 0); This effectively prevents manipulation of the Location header on Redirects. If instead, the special case for the Location header would also be considered in mod_headers, it could be properly manipulated with Header always <action> Location in the config. The attached patch (untested, not even attempted to comile) could do the trick. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org