httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maik Mueller <>
Subject Re: Patches and Enhancements for a SSL-Proxy Based on Apache 2.0 (mod_ssl, mod_proxy, mod_headers)
Date Thu, 13 Feb 2003 14:45:33 GMT
Graham Leggett wrote:

> Maik Mueller wrote:
>> I don't consider the behaviour of mod_headers as a bug.
>> The point is that the content of the environment variable
>> SSL_CLIENT_CERT isn't formatted according to the rules for folding
>> headers onto multiple lines.
> The job of formatting the header onto multiple lines should be the job 
> of mod_headers - the data should come out the other side exactly as it 
> was passed in. Fixing this to work correctly is a far more elegant 
> solution to the problem. 

I'm neither the author of mod_headers nor can I see a bug in the current 
However, I admit that your proposal will improve the ease of use of 
environment variables in headers.

>> Building a correct header from a arbitrary environment variable's
>> content isn't that easy (CRLF, character escaping,...) and can be a
>> considerable performance penalty.
> Not necessarily. All it takes is to add a space before each line sent 
> out, which is not difficult to do.
> As to character escaping, I am not 100% sure what character set 
> restrictions exist on the content of headers.

You have to do both in any case. The check itself causes the performance 
And the inelegant thing is, that you waste the time even if you don't 
have to change anything.

> In your case the characters are base64 characters, which are not a 
> problem. RFC2616 should cover this though anyway. 

Correct, but you have to check the data before you know that.

By the way I'm not the one to defend the current implementation of 
To my mind this part is very performance critical and I have tried to 
affect performance as little as possible - especially when not using my 
new feature.

Probably we should look for other opinions.


View raw message