Index: modules/mappers/mod_dir.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/mappers/mod_dir.c,v retrieving revision 1.35 diff -u -r1.35 mod_dir.c --- modules/mappers/mod_dir.c 2001/11/13 05:10:24 1.35 +++ modules/mappers/mod_dir.c 2001/12/02 09:53:18 @@ -118,39 +118,53 @@ static int fixup_dir(request_rec *r) { - /* only redirect for requests against directories or when we have - * a note that says that this browser can not handle redirs on - * non-GET requests (such as Microsoft's WebFolders). */ - if (r->finfo.filetype != APR_DIR || (r->method_number != M_GET && - apr_table_get(r->subprocess_env, "redirect-carefully"))) { + dir_config_rec *d; + char *dummy_ptr[1]; + char **names_ptr; + int num_names; + int error_notfound = 0; + + /* only handle requests against directories */ + if (r->finfo.filetype != APR_DIR) { return DECLINED; } + + /* In case mod_mime wasn't present, and no handler was assigned. */ + if (!r->handler) { + r->handler = DIR_MAGIC_TYPE; + } + + /* Never tollerate path_info on dir requests */ + if (r->path_info && *r->path_info) { + return DECLINED; + } - if (r->uri[0] == '\0' || r->uri[strlen(r->uri) - 1] != '/') { + /* Redirect requests that are not '/' terminated */ + if (r->uri[0] == '\0' || r->uri[strlen(r->uri) - 1] != '/') + { char *ifile; + + /* Only redirect non-get requests if we have no note to warn + * that this browser cannot handle redirs on non-GET requests + * (such as Microsoft's WebFolders). + */ + if (r->method_number != M_GET + && apr_table_get(r->subprocess_env, "redirect-carefully")) { + return DECLINED; + } + if (r->args != NULL) ifile = apr_pstrcat(r->pool, ap_escape_uri(r->pool, r->uri), - "/", "?", r->args, NULL); + "/", "?", r->args, NULL); else ifile = apr_pstrcat(r->pool, ap_escape_uri(r->pool, r->uri), - "/", NULL); + "/", NULL); apr_table_setn(r->headers_out, "Location", - ap_construct_url(r->pool, ifile, r)); + ap_construct_url(r->pool, ifile, r)); return HTTP_MOVED_PERMANENTLY; } - return OK; -} - -static int handle_dir(request_rec *r) -{ - dir_config_rec *d; - char *dummy_ptr[1]; - char **names_ptr; - int num_names; - int error_notfound = 0; - if (strcmp(r->handler,DIR_MAGIC_TYPE)) { return DECLINED; } @@ -158,19 +172,6 @@ d = (dir_config_rec *) ap_get_module_config(r->per_dir_config, &dir_module); - /* KLUDGE --- make the sub_req lookups happen in the right directory. - * Fixing this in the sub_req_lookup functions themselves is difficult, - * and would probably break virtual includes... - */ - - if (r->filename[strlen(r->filename) - 1] != '/') { - if (r->filename != r->canonical_filename) - r->canonical_filename = NULL; - r->filename = apr_pstrcat(r->pool, r->filename, "/", NULL); - if (r->canonical_filename) - r->canonical_filename = r->filename; - } - if (d->index_names) { names_ptr = (char **)d->index_names->elts; num_names = d->index_names->nelts; @@ -182,22 +183,27 @@ } for (; num_names; ++names_ptr, --num_names) { + /* XXX: Is this name_ptr considered escaped yet, or not??? */ char *name_ptr = *names_ptr; - request_rec *rr = ap_sub_req_lookup_uri(name_ptr, r, NULL); + request_rec *rr; - if (rr->status == HTTP_OK && rr->finfo.filetype == APR_REG) { - char *new_uri = ap_escape_uri(r->pool, rr->uri); + /* Once upon a time args were handled _after_ the successful redirect. + * But that redirect might then _refuse_ the given r->args, creating + * a nasty tangle. It seems safer to consider the r->args while we + * determine if name_ptr is our viable index, and therefore set them + * up correctly on redirect. + */ + if (r->args != NULL) + name_ptr = apr_pstrcat(r->pool, name_ptr, "?", r->args, NULL); - if (rr->args != NULL) - new_uri = apr_pstrcat(r->pool, new_uri, "?", rr->args, NULL); - else if (r->args != NULL) - new_uri = apr_pstrcat(r->pool, new_uri, "?", r->args, NULL); + rr = ap_sub_req_lookup_uri(name_ptr, r, NULL); - ap_destroy_sub_req(rr); - ap_internal_redirect(new_uri, r); + /* XXX: (filetype == APR_REG) - we can't use a non-file index??? */ + if (rr->status == HTTP_OK && rr->finfo.filetype == APR_REG) { + ap_internal_fast_redirect(rr, r); return OK; } - + /* If the request returned a redirect, propagate it to the client */ if (ap_is_HTTP_REDIRECT(rr->status) || @@ -216,8 +222,8 @@ /* If the request returned something other than 404 (or 200), * it means the module encountered some sort of problem. To be - * secure, we should return the error, rather than create - * along a (possibly unsafe) directory index. + * secure, we should return the error, rather than allow autoindex + * to create a (possibly unsafe) directory index. * * So we store the error, and if none of the listed files * exist, we return the last error response we got, instead @@ -229,8 +235,9 @@ ap_destroy_sub_req(rr); } - if (error_notfound) + if (error_notfound) { return error_notfound; + } /* nothing for us to do, pass on through */ @@ -242,7 +249,6 @@ static const char * const aszSucc[]={"mod_autoindex.c", NULL}; ap_hook_fixups(fixup_dir,NULL,NULL,APR_HOOK_MIDDLE); - ap_hook_handler(handle_dir,NULL,aszSucc,APR_HOOK_MIDDLE); } module AP_MODULE_DECLARE_DATA dir_module = {