Hi everyone,
I'm learning WebDAV protocol with apache httpd server and subversion.
Atfer reading the source code of Mod_Dav.so(which is responsible for
interpreting the WebDAV protocol), I find that there are methods
dav_method_bind(
Hi,
when mod_proxy(_http) has to forward the same request multiple times
(next balancer's worker / 100-continue ping), it duplicates
(re-merges) the same Via and X-Forwarded-* values as many times.
This is because ap_proxy_create_hdrbrgd() works directly on
r-headers_in before constructing the
This happens, at most, what, maybe 2 times? Is that
really an issue? And if so, since ap_proxy_http_request()
is local static, we could certainly pass the number of retries
to it and bypass the extra call to ap_proxy_create_hdrbrgd()
on retries, right?
Or am I missing something (which I likely am
[X] It is mandatory to provide best available description and any available
tracking information when committing fixes for vulnerabilities to any
branch, delaying committing of the fix if the information shouldn't be
provided yet.
* cove...@apache.org wrote:
Author: covener
Date: Mon Jan 13 01:51:58 2014
New Revision: 1557641
URL: http://svn.apache.org/r1557641
Log:
don't search for directory indexes/directoryslashes if a URL is in the
middle of being rewritten [in per-dir context]. PR53929
Modified:
On Mon, Jan 13, 2014 at 5:38 PM, Jim Jagielski j...@jagunet.com wrote:
This happens, at most, what, maybe 2 times? Is that
really an issue?
The worst case is 2 x number of balancer's workers tries, when the
request is a POST, ping is configured and all the balancer's wokers
aren't
Should it be prefixed (e.g. with REWRITE_)?
And maybe the handler name, too? (this one trunk only).
makes sense, will revisit soon.
Ping?
Regards
RĂ¼diger
Ruediger Pluem wrote:
j...@apache.org wrote:
Author: jim
Date: Thu Jan 9 14:28:39 2014
New Revision: 1556815
URL: http://svn.apache.org/r1556815
Log:
Merge r1524368, r1524388 from trunk:
Use apr_socket_timeout_get instead of hard-coded 30 seconds timeout.
cove...@apache.org wrote:
restore http://svn.apache.org/viewvc?view=revisionrevision=233369
under a configurable option: don't run mod_dir if r-handler is already set.
PR53794
I like this, and it's certainly a more configurable solution to
the problem with mod_dav which came up last week:
For users of mod_dav, though, this means that a working 2.2.x
configuration will still break after an upgrade to 2.4.8; they'd
need to add in DirectoryCheckHandler On.
For the rewrite PR's, which are relatively old, I just wanted to get a
safe non-default change into 2.4.x.
I subsequently
On 1/13/14, 12:29 AM, vancaho wrote:
Hi everyone,
I'm learning WebDAV protocol with apache httpd server and subversion.
Atfer reading the source code of Mod_Dav.so(which is responsible for
interpreting the WebDAV protocol), I find that there are methods
On 1/11/14, 5:02 AM, Jeff Trawick wrote:
I think a lot of your concerns revolve around assessment of when a
vulnerability can be disclosed, and that has to be determined on a case by
case
basis. The vote is just about whether there will be an in-between situation
where we share some
12 matches
Mail list logo