httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ryan Bloom <>
Subject Annoying unusual bug.
Date Tue, 11 Jan 2000 17:23:25 GMT

This bug was reported to me, and although I have a solution, I think it
should be pushed off to 2.0.  I am looking for any other ideas for how to
fix this.

The basic bug is that a https request is made without a trailing slash,
which causes a redirect, and on that page a cookie is set.  When Apache
creates the url for the redirect, it will automatically append the port
number if it is not port 80.  This causes Netscape to assocaite the cookie
with the full hostname with the port appended, and when the user goes to
the next page, the cookie is forgotten.  For example:

request is made to:

Apache causes a redirect to:

The cookie is assocaited with and when the user clicks on a
link and requests, the cookie is ignored.

This is a VERY unusual set of circumstances, but I think it should be
fixed.  The obvious solution to me, was to allow modules to register
protocols and default ports.  When we create a redirection url, if the
default port for the current protocol is used, we leave off the port
number.  The problem, we don't record the protocol in the request_rec.

So, my solution:
add a char *protocol to the request_rec, and have it default to http.
When the request comes in, if it is anything else, we overwrite this
default.  This also keeps the SSL modules from having to provide this
field in the record (I have been told most of them provide it, but I
haven't checked yet).  This would allow us to register the protocols, and
the rest of the algorithm works properly.

Any other thoughts?  If not, I will implement this for Apache 2.0 very


Ryan Bloom
4205 S Miami Blvd	
RTP, NC 27709		

Come to the first official Apache Software Foundation
Conference!  <http://ApacheCon.Com/>

View raw message