httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 42514] New: - ProxyPass between virtual hosts on the same ip & port misbehaves
Date Thu, 24 May 2007 18:51:07 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42514>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42514

           Summary: ProxyPass between virtual hosts on the same ip & port
                    misbehaves
           Product: Apache httpd-2
           Version: 2.0.55
          Platform: Sun
        OS/Version: Solaris
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_proxy
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: amylinari@swiftweb.com


ProxyPass behaves unreasonably when asked to proxy a request from one name based
virtual host to another which bound to the same ip and port.

Example partial config:
Listen 1.2.3.4:80
NameVirtualHost *

<VirtualHost *>
ServerName a.local
DocumentRoot /www/a.local
ProxyPass /bar http://b.local/foo
</VirtualHost>

<VirtualHost *>
ServerName b.local
DocumentRoot /www/b.local
</VirtualHost>

A request to http://a.local/bar/ will end up generating an entry in a.local's
logs as a request for /foo/ which is clearly unexepected. The response sent to
the client is consistant with the logs - it responds as if the original request
were http://a.local/foo/. This seems to happen in any case where b.local
resolves to an address which a.local is also configured to listen on.

This does not occur between virtual hosts in the same instance which are bound
to different ip/port pairs.

I noticed this in a scenario wherein I wanted to set up one virtual host running
as the webserver user which offered certain cgi based services, and set my other
virtual hosts, which all run with suEXEC, to proxy that server for requests to
certain paths. This allows there to be one copy of said trusted cgis that all of
the otherwise suEXEC limited hosts can access within their URI space.

I've worked around the problem without an additional apache instance by binding
the virtual host designed to provide services to one IP/port and explicitly
binding all of my virtual hosts to a different IP/port, so I consider my problem
resolved, but the documentation should at least warn future users of this. For
the record, the case that works looks like this:

Listen 1.2.3.4:80
Listen 127.0.0.1:8080
NameVirtualHost 1.2.3.4:80

<VirtualHost 1.2.3.4:80>
ServerName a.local
DocumentRoot /www/a.local
ProxyPass /bar http://b.local/foo
</VirtualHost>

<VirtualHost 127.0.0.1:8080>
ServerName b.local
DocumentRoot /www/b.local
</VirtualHost>

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message