httpd-dev mailing list archives

From Koen Holtman <Koen.Holt...@cern.ch>
Subject [PATCH] Removing mxb feature from mod_negotiation
Date Thu, 03 Jun 1999 16:01:01 GMT

[Follow-up to earlier off-line discussion with Roy]

This patch removes the processing of `mxb' parameters in Accept
headers in mod_negotiation.  A second patch updates the manual to
reflect this (mxb is not documented directly in the manual but support
for it is implied in one place).

Reasons for removing this feature:

1) As currently implemented, the 'mxb' feature makes possible certain
denial-of-service attacks on negotiated content.  These attacks are
possible for user communities which access an Apache server from
behind a HTTP/1.1 proxy which implements `Vary' related optimisations.
Plugging this denial of service hole without removing `mxb' is fairly
expensive in terms of degrading caching efficiency.

2) `mxb' is not in HTTP/1.0 or HTTP/1.1 or any other standard

3) Nobody seems to make use of 'mxb'.  (Balachander Krishnamurthy
kindly offered to grep some of his web traffic traces -- he did not
find a single Accept with mxb in a whole day of recent traffic, nor in
older traces)

4) Removing a feature makes a nice change from adding features.

Koen.


Two patches in all:

Patch 1 to mod_negotiation.c

--- /root/logs/mod_negotiation.latest.c	Wed Jun  2 20:07:56 1999
+++ mod_negotiation.c	Wed Jun  2 23:35:29 1999
@@ -140,7 +140,6 @@
 typedef struct accept_rec {
     char *name;                 /* MUST be lowercase */
     float quality;
-    float max_bytes;
     float level;
     char *charset;              /* for content-type only */
 } accept_rec;
@@ -315,7 +314,6 @@
                              const char *accept_line)
 {
     result->quality = 1.0f;
-    result->max_bytes = 0.0f;
     result->level = 0.0f;
     result->charset = "";
 
@@ -392,10 +390,6 @@
             && (parm[1] == '\0' || (parm[1] == 's' && parm[2] == '\0')))
{
             result->quality = atof(cp);
         }
-        else if (parm[0] == 'm' && parm[1] == 'x' &&
-                 parm[2] == 'b' && parm[3] == '\0') {
-            result->max_bytes = atof(cp);
-        }
         else if (parm[0] == 'l' && !strcmp(&parm[1], "evel")) {
             result->level = atof(cp);
         }
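Review bot: With the `mxb` branch gone from this else-if chain, a request that still sends `mxb=` in Accept reaches whatever the chain does with an unrecognised parameter, which the hunk does not show. Please confirm that path ignores the parameter silently rather than altering `quality` or `level`, and consider a one-line comment here saying that `mxb` is deliberately no longer honoured, so the branch is not reintroduced later.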
@@ -613,7 +607,6 @@
         new_accept->name = "*/*";
         new_accept->quality = 1.0f;
         new_accept->level = 0.0f;
-        new_accept->max_bytes = 0.0f;
     }    
 
     new_accept = (accept_rec *) ap_push_array(neg->accepts);
@@ -626,7 +619,6 @@
         new_accept->quality = prefer_scripts ? 2.0f : 0.001f;
     }
     new_accept->level = 0.0f;
-    new_accept->max_bytes = 0.0f;
 }
 
 /*****************************************************************
@@ -1520,13 +1512,6 @@
             }
         }
 
-        /* Check maxbytes -- not in HTTP/1.1 or TCN */
-
-        if (type->max_bytes > 0
-            && (find_content_length(neg, variant) > type->max_bytes)) {
-            continue;
-        }
-
         /* If we are allowed to mess with the q-values
          * and have no explicit q= parameters in the accept header,
          * make wildcards very low, so we have a low chance
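Review bot: The removed check was a caller of `find_content_length(neg, variant)`, and nothing in this patch touches that function. If this was its only call site, it is now dead code and should be removed in the same patch; if other callers remain, say so in the patch description so the leftover is clearly intentional.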
@@ -2206,14 +2191,6 @@
                         ap_array_pstrcat(r->pool, arr, '\0'));
     } 
 
-    /* Theoretically the negotiation result _always_ has a dependence on
-     * the contents of the Accept header because we do 'mxb='
-     * processing in set_accept_quality().  However, variations in mxb
-     * only affect the relative quality of several acceptable variants,
-     * so there is no reason to worry about an unacceptable variant
-     * being mistakenly prioritized.  We therefore ignore mxb in deciding
-     * whether or not to include Accept in the Vary field value.
-     */
     if (neg->is_transparent || vary_by_type || vary_by_language ||
         vary_by_language || vary_by_charset || vary_by_encoding) {
 
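Review bot: The unchanged condition under the removed comment tests `vary_by_language` twice (`vary_by_language || vary_by_language ||`). It is harmless as written and is not introduced by this patch, but since the block is being touched anyway, either drop the duplicate or check whether a different flag was meant there. Separately, the deleted comment was the only place that explained how Accept parameters relate to the Vary decision; a short replacement comment stating which request headers the result now depends on would keep that reasoning in the source.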


Patch to update htdocs/manual/content-negotiation.html :

--- content-negotiation.html.org	Thu Jun  3 13:44:12 1999
+++ content-negotiation.html	Thu Jun  3 13:47:26 1999
@@ -196,10 +196,9 @@
        for compress'd files, and <CODE>x-gzip</CODE> for gzip'd files.
        The <CODE>x-</CODE> prefix is ignored for encoding comparisons.
   <DT> <CODE>Content-Length:</CODE>
-  <DD> The size of the file.  Clients can ask to receive a given media
-       type only if the variant isn't too big; specifying a content
-       length in the map allows the server to compare against these
-       thresholds without checking the actual file.
+  <DD> The size of the file.  Specifying content
+       lengths in the type-map allows the server to compare file sizes
+       without checking the actual files.
   <DT> <CODE>Description:</CODE>
   <DD> A human-readable textual description of the variant.  If Apache cannot
        find any appropriate variant to return, it will return an error 
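Review bot: The new `<DD>` text for `Content-Length:` says the server can "compare file sizes" but no longer says to what end, now that the sentence about client thresholds is gone. Suggest adding a clause naming what the comparison is used for in variant selection, so a type-map author knows what effect setting the field has.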


