I've been contemplating something like a mod_taint, to apply rules akin to Perl's taint checking, at the earliest possible stage of request processing. In other words, apply taint checking to the request line as we read it, and to each header line before putting it in r->headers_in.
That would work with hooks from read_request_line and ap_get_mime_headers_core. No such hooks exist, and adding them for this purpose alone might seem OTT.

Now, there could be another consideration here. This is HTTP-specific code in the core, which is at odds with the stated aspiration of being protocol-agnostic. Inserting hooks at these points could, in due course (e.g. for 2.4) enable us to punt this HTTP-specific code to a protocol module. The crucial question here is: can this path lead cleanly to overall protocol-agnosticism? Thoughts?

Of course, the alternative for mod_taint is a post_read_request hook. It doesn't fit anywhere in the filter chain, because low-level decoding of folded lines and converting them into a headers_in table happens in a single step.

--
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
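The kind of check the message above describes for a post_read_request hook, as an added example that is not part of the original message and is not Apache httpd code. It is stand-alone C using POSIX regex rather than the httpd API; the rule table, patterns and function names are hypothetical, and the sample headers are constructed.

```c
#include <regex.h>
#include <stddef.h>
#include <strings.h>

/* Hypothetical rules: a value is untainted only if it matches in full. */
struct taint_rule { const char *name; const char *pattern; };
static const struct taint_rule rules[] = {
    { "Host",           "^[A-Za-z0-9.-]+(:[0-9]{1,5})?$" },
    { "Content-Length", "^[0-9]{1,18}$" },
    { NULL,             "^[\t -~]*$" },  /* default: printable ASCII, tab */
};
static const char request_line_rule[] = "^[A-Z]+ [!-~]+ HTTP/[0-9][.][0-9]$";
/* Constructed sample: the second header value carries an embedded CRLF. */
const char *const sample_headers[][2] = {
    { "Host",   "www.example.com:8080" },
    { "X-Note", "ok\r\nX-Injected: 1" },
};

/* Return 1 if value matches pattern (untainted), 0 otherwise. */
static int untainted(const char *pattern, const char *value)
{
    regex_t re;
    if (regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0)
        return 0;                        /* fail closed on a bad rule */
    int ok = regexec(&re, value, 0, NULL, 0) == 0;
    regfree(&re);
    return ok;
}

/* Rule for a header name; the last table entry is the default. */
static const char *rule_for(const char *name)
{
    const struct taint_rule *r = rules;
    while (r->name != NULL && strcasecmp(r->name, name) != 0)
        r++;
    return r->pattern;
}

/* 0 if the request line and all n headers pass, else 400 (Bad Request). */
int taint_check_request(const char *request_line,
                        const char *const headers[][2], size_t n)
{
    if (!untainted(request_line_rule, request_line))
        return 400;
    for (size_t i = 0; i < n; i++)
        if (!untainted(rule_for(headers[i][0]), headers[i][1]))
            return 400;
    return 0;
}
```

Because this runs on name/value pairs that are already parsed, it sees values only after folded lines have been decoded, which is the limitation the message notes for the post_read_request approach.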
