So as most people have correctly identified, this defect has existed
for an incredibly long time.
But how it is triggered and avoided would help us to correctly study
unexpected behaviors.
OPTIONS * - won't trigger the defect, .htaccess should not be examined.
OPTIONS / - may trigger the
> Am 20.09.2017 um 12:33 schrieb Yann Ylavic :
>
> On Wed, Sep 20, 2017 at 12:09 PM, Stefan Eissing
> wrote:
>>
>> Is there some better way?
>
> I would go with the usual/unconditional per server config (and hence
> merging), trade
On Wed, Sep 20, 2017 at 12:09 PM, Stefan Eissing
wrote:
>
> Is there some better way?
I would go with the usual/unconditional per server config (and hence
merging), trade simplicity vs a few memory space...
Regards,
Yann.
On Wed, Sep 20, 2017 at 10:51 AM, Stefan Eissing
wrote:
> Trying to tighten some compiler warnings and gcc complains:
>
> /opt/httpd/trunk/include/mpm_common.h:390:5: error:
> "AP_ENABLE_EXCEPTION_HOOK" is not defined [-Werror=undef]
> #if AP_ENABLE_EXCEPTION_HOOK
mod_ssl's server_rec configurations (SSLSrvConfigRec) are shared between vhost
and base server *iff* there are no SSL* directives used inside a VirtualHost.
This is not really a good idea since mod_ssl modifies these recs in its
post_config hook. This looks currently harmless, e.g. setting
Trying to tighten some compiler warnings and gcc complains:
/opt/httpd/trunk/include/mpm_common.h:390:5: error: "AP_ENABLE_EXCEPTION_HOOK"
is not defined [-Werror=undef]
#if AP_ENABLE_EXCEPTION_HOOK
We seem to "#undef" this. Should the check in mpm_common.h not be #ifdef then?