Re: httpd response mimetype bug

Sat, 13 Jan 2018 00:40:53 -0800 

On Tue, Jan 09, 2018 at 05:38:57PM +0100, Hidvégi Gábor wrote:
> >Synopsis: httpd reports wrong mimetype when item is in the browser cache
> >Category: httpd
> >Environment:
>         System      : OpenBSD 6.2
>         Details     : OpenBSD 6.2 (GENERIC) #91: Wed Oct  4 00:35:21 MDT
> 2017
> 
> [email protected]:/usr/src/sys/arch/armv7/compile/GENERIC
> 
>         Architecture: OpenBSD.armv7
>         Machine     : armv7
> >Description:
> 
> httpd serves static files (eg. images) with Last-Modified http header. When
> a browser next time asks whether this file changed (sends If-Modified-Since
> http header) httpd responds with wrong mimetype, 'text/html' when the
> resource is in the browser cache (304 Not Modified status code).
> 
> >How-To-Repeat:
> 
> This bug is common, not arm only. When for example you open this image:
> https://man.openbsd.org/openbsd.gif
> 
> in a browser with developer tools (F12) open, on the network tab you can
> take a look at the response headers, mimetype is correct (image/gif). After
> opening press refresh (F5) and look at the response headers again, and you
> get the incorrect mimetype, 'text/html'.
> 
> >Fix:
> 
> check httpd source

Please try out this diff, it makes sure to set the correct MIME-type and
not respond with a body if the resource has not changed. Sending this to
tech@ as well.

Index: server_file.c
===================================================================
RCS file: /cvs/src/usr.sbin/httpd/server_file.c,v
retrieving revision 1.65
diff -u -p -r1.65 server_file.c
--- server_file.c       2 Feb 2017 22:19:59 -0000       1.65
+++ server_file.c       12 Jan 2018 19:10:20 -0000
@@ -230,8 +230,15 @@ server_file_request(struct httpd *env, s
                goto abort;
        }
 
-       if ((ret = server_file_modified_since(clt->clt_descreq, st)) != -1)
-               return (ret);
+       if (server_file_modified_since(clt->clt_descreq, st) == 0) {
+               media = media_find_config(env, srv_conf, path);
+               ret = server_response_http(clt, 304, media, 0,
+                   st->st_mtim.tv_sec);
+               if (ret != -1)
+                       goto done;
+               else
+                       goto fail;
+       }
 
        /* Now open the file, should be readable or we have another problem */
        if ((fd = open(path, O_RDONLY)) == -1)
@@ -663,10 +670,10 @@ server_file_modified_since(struct http_d
                if (strptime(since->kv_value,
                    "%a, %d %h %Y %T %Z", &tm) != NULL &&
                    timegm(&tm) >= st->st_mtim.tv_sec)
-                       return (304);
+                       return (0);
        }
 
-       return (-1);
+       return (1);
 }
 
 int

Reply via email to