Version: 2.0.48
In our module, we are using ap_custom_response() to set response data
based on certain header value from the user-agent. The logic is as
follows:
module_check_user_id(request_rec *r)
{
//
// ...
//
if (our_agent_detected && need_to_fail_authn)
{
ap_custom_response(r, HTTP_UNAUTHORIZED,
g_CustomString);
apr_table_set(r->err_headers_out, "Content-Length",
g_CustomStringLength);
apr_table_mergen(r->err_headers_out,
r->proxyreq == PROXYREQ_PROXY ?
"Proxy-Authenticate" : "WWW-Authenticate",
apr_psprintf());
return (HTTP_UNAUTHORIZED);
}
//
// ...
//
}
This works fine for the case when we need to set our custom response.
But, in the case, where the server's regular 401 document needs to be
sent, even though we are not setting our custom string, Apache sends out
a previously set custom string. This seems a little bit odd, as the
memory being allocated in ap_custom_response() is from the request's
pool. Isn't ap_custom_response() supposed to be on a per-request basis?
Thanks,
-Indu
