Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 78555 invoked from network); 18 Dec 2009 16:03:47 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 18 Dec 2009 16:03:47 -0000 Received: (qmail 97740 invoked by uid 500); 18 Dec 2009 16:03:46 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 97632 invoked by uid 500); 18 Dec 2009 16:03:46 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 97623 invoked by uid 99); 18 Dec 2009 16:03:46 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 18 Dec 2009 16:03:46 +0000 X-ASF-Spam-Status: No, hits=-5.3 required=5.0 tests=AWL,BAYES_00 X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 18 Dec 2009 16:03:39 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 8EC9B2388996; Fri, 18 Dec 2009 16:03:19 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r892289 - in /httpd/httpd/trunk: CHANGES modules/cache/cache_storage.c Date: Fri, 18 Dec 2009 16:03:16 -0000 To: cvs@httpd.apache.org From: rpluem@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20091218160319.8EC9B2388996@eris.apache.org> Author: rpluem Date: Fri Dec 18 16:03:13 2009 New Revision: 892289 URL: http://svn.apache.org/viewvc?rev=892289&view=rev Log: * Do an exact match of the keys defined by CacheIgnoreURLSessionIdentifiers against the querystring instead of a partial match. PR: 48401 Submitted by: Dodou Wang Reviewed by: rpluem Modified: httpd/httpd/trunk/CHANGES httpd/httpd/trunk/modules/cache/cache_storage.c Modified: httpd/httpd/trunk/CHANGES URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=892289&r1=892288&r2=892289&view=diff ============================================================================== --- httpd/httpd/trunk/CHANGES [utf-8] (original) +++ httpd/httpd/trunk/CHANGES [utf-8] Fri Dec 18 16:03:13 2009 @@ -2,6 +2,11 @@ Changes with Apache 2.3.5 + *) mod_cache: Do an exact match of the keys defined by + CacheIgnoreURLSessionIdentifiers against the querystring instead of + a partial match. PR 48401.i + [Dodou Wang , Ruediger Pluem] + *) mod_proxy_balancer: Fix crash in balancer-manager. [Rainer Jung] *) mod_headers: Ensure that changes to the main request remain valid when Modified: httpd/httpd/trunk/modules/cache/cache_storage.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c?rev=892289&r1=892288&r2=892289&view=diff ============================================================================== --- httpd/httpd/trunk/modules/cache/cache_storage.c (original) +++ httpd/httpd/trunk/modules/cache/cache_storage.c Fri Dec 18 16:03:13 2009 @@ -503,21 +503,54 @@ /* * Check if the identifier is in the querystring and cut it out. */ - if (querystring - && (param = strstr(querystring, *identifier)) - && (*(param + len) == '=') - ) { - char *amp; - - if (querystring != param) { - querystring = apr_pstrndup(p, querystring, - param - querystring); + if (querystring) { + /* + * First check if the identifier is at the beginning of the + * querystring and followed by a '=' + */ + if (!strncmp(querystring, *identifier, len) + && (*(querystring + len) == '=')) { + param = querystring; } else { - querystring = ""; + char *complete; + + /* + * In order to avoid subkey matching (PR 48401) prepend + * identifier with a '&' and append a '=' + */ + complete = apr_pstrcat(p, "&", *identifier, "=", NULL); + param = strstr(querystring, complete); + /* If we found something we are sitting on the '&' */ + if (param) { + param++; + } } - if ((amp = strchr(param + len + 1, '&'))) { - querystring = apr_pstrcat(p, querystring, amp + 1, NULL); + if (param) { + char *amp; + + if (querystring != param) { + querystring = apr_pstrndup(p, querystring, + param - querystring); + } + else { + querystring = ""; + } + + if ((amp = strchr(param + len + 1, '&'))) { + querystring = apr_pstrcat(p, querystring, amp + 1, NULL); + } + else { + /* + * If querystring is not "", then we have the case + * that the identifier parameter we removed was the + * last one in the original querystring. Hence we have + * a trailing '&' which needs to be removed. + */ + if (*querystring) { + querystring[strlen(querystring) - 1] = '\0'; + } + } } break; }