I agree, we have to check if it latches the back-end before changing it
to the front-end, and vice-versa.
This way, it sounds totally safe, no ?
Graham Leggett wrote:
On Wed, October 3, 2007 1:03 pm, Nick Kew wrote:
It would break headers that contain a URL-like pattern that isn't
a URL. And if you think that's unlikely, just look at the number
of false positives in desktop software (e.g. mailers) that guesses
links and makes http://www.example.org or even just www.example.com
clickable.
As I recall the ProxyPassReverse does an exact string prefix match on
Location, and if there is a match, the header is changed, otherwise it
leaves the header alone.
By saying "ProxyPassReverse" it seems sane to be telling the proxy that it
should hide every and all occurences of the backend url by replacing it
with the frontend url, although from the perspective of changing existing
behaviour in existing installations, a compromise would be to identify
headers used by WebDAV, and alter those headers as well as Location.
Regards,
Graham
--
