httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@gmail.com>
Subject Re: mod_fcgid POST broken if FcgiAuthorizer is run
Date Fri, 09 Oct 2009 17:40:20 GMT
On Fri, Oct 9, 2009 at 1:26 PM, Barry Scott <barry.scott@onelan.co.uk> wrote:
> Jeff Trawick wrote:
>>
>> On Fri, Oct 9, 2009 at 12:04 PM, Barry Scott <barry.scott@onelan.co.uk>
>> wrote:
>>
>>>
>>> This has been filed as issue
>>> https://issues.apache.org/bugzilla/show_bug.cgi?id=47973
>>>
>>> Further testing of our application has shown up a problem using
>>> mod_fcgid 2.3.4.
>>>
>>> With the following configuration we are seeing the request body
>>> of POST messages get stripped out if FcgidAuthorizer is used for
>>> Location /player.  If we comment out the "Require onelan magic" the
>>> POSTs work.
>>>
>>> Looking at bridge_request we see the code is reading the input buckets
>>> and feeding then to the Authorizer.
>>>
>>> It seems to us that:
>>>
>>> Either this must not happen if the fcgid is an authorizer
>>>
>>
>> right
>>
>>
>>>
>>> or the buckets must be put back for whatever handles
>>> the POST to process.
>>>
>>> Barry
>>>
>>
>> See patch attached to the PR.  Thanks!
>>
>>
>
> No joy I get internal server error.
>
> But the patch below works for my case.
>
> Note: I don't understand the details of HTTPD to know if this patch is
> going to cause problems in other use cases, or indeed is only working
> by luck.

I'll have a look; thanks!

>
> One test that needs doing is to have a Responder and an Authorizer running
> for the same request. I'll see if I can do that test for you next week with
> the pieces
> I have.

Chris Darroch has a patch for that, which is a small part of

http://people.apache.org/~chrisd/patches/mod_fcgid_auth/mod_fcgid-1auth-trunk.patch

which applies to the old mod_fcgid 2.2 but which he has submitted here
for inclusion.  If you get stuck, look in there at some of the checks
for role == responder, one or more of which are for the
responder+authorizer-on-same-request issue.

Mime
View raw message