Re: [squid-dev] [PATCH] adapting 100-Continue / A Bug 4067 fix

Sun, 18 Jan 2015 10:53:57 -0800 

On 01/18/2015 06:40 PM, Amos Jeffries wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 8/01/2015 12:35 a.m., Tsantilas Christos wrote:


On 01/01/2015 01:47 AM, Alex Rousskov wrote:

On 11/09/2014 02:02 PM, Tsantilas Christos wrote:


void Http::Server::processParsedRequest(ClientSocketContext
*context) { +    if (!buildHttpRequest(context)) + return; + +
if (Config.accessList.forceRequestBodyContinuation) { +
ClientHttpRequest *http = context->http; +        HttpRequest
*request = http->request; +        ACLFilledChecklist
bodyContinuationCheck(Config.accessList.forceRequestBodyContinuation,




request, NULL);

+        if (bodyContinuationCheck.fastCheck() ==
ACCESS_ALLOWED) { +            debugs(33, 5, "Body
Continuation forced"); +
request->forcedBodyContinuation = true;



The HTTP code above sends 100-Continue responses to HTTP GET
messages unless the admin is very careful with the ACLs. This
can be reproduced trivially with

force_request_body_continuation allow all

We should not evaluate force_request_body_continuation if the
request does not have a body IMO. The
force_request_body_continuation documentation makes that option
specific to upload requests. If you agree, please adjust the
committed code accordingly.


:-(

I am attaching a patch which fixes this. The patch attached in both
normal form and "-b" diff option to allow squid developers examine
the proposed changes.



+1. Looks fine to me. The isolation to Http::Server is a good improvement.


Adjusted and applied to trunk.




Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUu+IJAAoJELJo5wb/XPRjph8IANkgIr92uRBpCv5Nz6QMfJlV
byiabdb+/u5t5EJH3LdstYeOonUaQPbxjs9QP6jF7HdmzugK57Q2yW92bigzwJ33
gAOqvAoz5OV6UHp4e0zI7faXEollnz1MaIounCsVKJzQUlc+aXWFomc/gtG9gRZv
NfPYmo51H1/IV+zZ+ccGBhc6plUlcRI6n03YQMVI4WF0lfkqn8Aq57Prvm2vqxEe
N+IuXiXt19zRUFGmFNV0CE9nJdoktind7ucOkzEFhbsCIxitUAKrDRQU8IrXws7a
AYHb+u2i/rUH9+KyLSKQyvj4GpgvrMkdjzhwKe9t3c64vwTIg4cNT8bveykl0sQ=
=drM6
-----END PGP SIGNATURE-----
_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev



_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev

Reply via email to