On 02/13/2011 11:29 PM, Graham Leggett wrote:
> On 13 Feb 2011, at 5:08 PM, Ruediger Pluem wrote:
>
>>> +/*
>>> + * invalidate a specific URL entity in all caches
>>> + *
>>> + * All cached entities for this URL are removed, usually in
>>> + * response to a POST/PUT or DELETE.
>>> + *
>>> + * Th
On 02/14/2011 01:23 AM, Graham Leggett wrote:
> On 14 Feb 2011, at 2:15 AM, Paul Querna wrote:
>
>> It does a single request to the backend, but doesn't _invalidate_ the
>> existing cache, which would cause a flood of other, non-attacker
>> clients to come in.
>
> I think that would be the orig
On 02/13/2011 11:18 PM, Graham Leggett wrote:
> On 13 Feb 2011, at 5:22 PM, Ruediger Pluem wrote:
>
>>> +/* skip characters in sep (will terminate at '\0') */
>>> +while (*str && strchr(sep, *str)) {
>>> +++str;
>>> +}
>>> +
>>> +if (!*str) {/* no more tokens */
>
On 14 Feb 2011, at 2:15 AM, Paul Querna wrote:
It does a single request to the backend, but doesn't _invalidate_ the
existing cache, which would cause a flood of other, non-attacker
clients to come in.
I think that would be the origin of Roy saying that we should only
invalidate if the resul
On Sun, Feb 13, 2011 at 4:00 PM, Graham Leggett wrote:
> On 14 Feb 2011, at 1:56 AM, Paul Querna wrote:
>
>> Additionally, this should be a configurable behavior.
>>
>> Lets say you run a popular website that depends on mod_cache to
>> protect backend systems from complete overload.
>>
>> All you
On 14 Feb 2011, at 1:56 AM, Paul Querna wrote:
Additionally, this should be a configurable behavior.
Lets say you run a popular website that depends on mod_cache to
protect backend systems from complete overload.
All you need to do now as an attacker is POST / DELETE to / or another
important
On Sun, Feb 13, 2011 at 5:03 AM, Graham Leggett wrote:
> On 13 Feb 2011, at 9:59 AM, Roy T. Fielding wrote:
>
>>> URL: http://svn.apache.org/viewvc?rev=1070179&view=rev
>>> Log:
>>> mod_cache: When a request other than GET or HEAD arrives, we must
>>> invalidate existing cache entities as per RFC2
On Sun, 13 Feb 2011, Ruediger Pluem wrote:
On 02/12/2011 10:23 PM, s...@apache.org wrote:
Author: sf
Date: Sat Feb 12 21:23:56 2011
New Revision: 1070153
URL: http://svn.apache.org/viewvc?rev=1070153&view=rev
Log:
Use ap_state_query() to fix many modules that were not correctly initializing
if
On 13 Feb 2011, at 5:08 PM, Ruediger Pluem wrote:
+/*
+ * invalidate a specific URL entity in all caches
+ *
+ * All cached entities for this URL are removed, usually in
+ * response to a POST/PUT or DELETE.
+ *
+ * This function returns OK if at least one entity was found and
+ * removed, and D
On 13 Feb 2011, at 5:22 PM, Ruediger Pluem wrote:
+/* skip characters in sep (will terminate at '\0') */
+while (*str && strchr(sep, *str)) {
+++str;
+}
+
+if (!*str) {/* no more tokens */
+return NULL;
+}
+
+token = str;
+
+/* skip valid token
Am 10.02.2011 12:40, schrieb Carsten Wiedmann:
Then I've found my next problem:
I can't download any cgi/pl/php file... e.g. Firefox shows me:
| 550 /phpinfo.php: Not a directory
This happens for all files I have defined a handler somewhere. Of
course, I've added this to my ftpd.conf:
|
| Force
On 02/12/2011 01:15 AM, Daniel Ruggeri wrote:
>
> On 2/11/2011 8:26 AM, Eric Covener wrote:
>
>>
>> Thanks, went ahead and pushed them down since it's easy enough to put
>> any of them back.
>>
>
> Which reminds me... anyone care to add a +1 or begin a discussion about
> the mod_proxy change I
On 02/12/2011 10:23 PM, s...@apache.org wrote:
> Author: sf
> Date: Sat Feb 12 21:23:56 2011
> New Revision: 1070153
>
> URL: http://svn.apache.org/viewvc?rev=1070153&view=rev
> Log:
> Use ap_state_query() to fix many modules that were not correctly initializing
> if they were not active during
On 02/12/2011 02:08 PM, minf...@apache.org wrote:
> Author: minfrin
> Date: Sat Feb 12 13:08:57 2011
> New Revision: 1070075
>
> URL: http://svn.apache.org/viewvc?rev=1070075&view=rev
> Log:
> mod_cache: We must ignore quoted-string values that appear in a
> Cache-Control header. PR 50199.
>
>
On 02/13/2011 03:03 AM, minf...@apache.org wrote:
> Author: minfrin
> Date: Sun Feb 13 02:03:29 2011
> New Revision: 1070179
>
> URL: http://svn.apache.org/viewvc?rev=1070179&view=rev
> Log:
> mod_cache: When a request other than GET or HEAD arrives, we must
> invalidate existing cache entities
On 13 Feb 2011, at 9:59 AM, Roy T. Fielding wrote:
URL: http://svn.apache.org/viewvc?rev=1070179&view=rev
Log:
mod_cache: When a request other than GET or HEAD arrives, we must
invalidate existing cache entities as per RFC2616 13.10. PR 15868.
Cache entries should not be invalidated unless the
+---+
| Bugzilla Bug ID |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned
On Feb 12, 2011, at 6:03 PM, minf...@apache.org wrote:
> Author: minfrin
> Date: Sun Feb 13 02:03:29 2011
> New Revision: 1070179
>
> URL: http://svn.apache.org/viewvc?rev=1070179&view=rev
> Log:
> mod_cache: When a request other than GET or HEAD arrives, we must
> invalidate existing cache entit
18 matches
Mail list logo