httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Gearls <>
Subject Re: mod_proxy & &headers
Date Wed, 03 Oct 2007 10:12:05 GMT
I agree, we have to check if it latches the back-end before changing it 
to the front-end, and vice-versa.
This way, it sounds totally safe, no ?

Graham Leggett wrote:
> On Wed, October 3, 2007 1:03 pm, Nick Kew wrote:
>> It would break headers that contain a URL-like pattern that isn't
>> a URL.  And if you think that's unlikely, just look at the number
>> of false positives in desktop software (e.g. mailers) that guesses
>> links and makes or even just
>> clickable.
> As I recall the ProxyPassReverse does an exact string prefix match on
> Location, and if there is a match, the header is changed, otherwise it
> leaves the header alone.
> By saying "ProxyPassReverse" it seems sane to be telling the proxy that it
> should hide every and all occurences of the backend url by replacing it
> with the frontend url, although from the perspective of changing existing
> behaviour in existing installations, a compromise would be to identify
> headers used by WebDAV, and alter those headers as well as Location.
> Regards,
> Graham
> --

View raw message