Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 41420 invoked from network); 6 Oct 2009 15:51:37 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 6 Oct 2009 15:51:37 -0000 Received: (qmail 31942 invoked by uid 500); 6 Oct 2009 15:51:36 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 31872 invoked by uid 500); 6 Oct 2009 15:51:36 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 31863 invoked by uid 99); 6 Oct 2009 15:51:36 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 06 Oct 2009 15:51:36 +0000 X-ASF-Spam-Status: No, hits=2.2 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of billzajac@gmail.com designates 209.85.212.188 as permitted sender) Received: from [209.85.212.188] (HELO mail-vw0-f188.google.com) (209.85.212.188) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 06 Oct 2009 15:51:22 +0000 Received: by vws17 with SMTP id 17so2209345vws.24 for ; Tue, 06 Oct 2009 08:51:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type; bh=dQMOB6Uw0EEgsPA8nNWg0ofLtpEMhOYskQZT1jExqTc=; b=LcX75UQoqvaZD1xRfdr5uErVf0juDce39iuC9GSthL5PeQNZbxaYBhLfBWfntJ1FeV 55J2tnLKbPY2BFbeqqUgQSkwu2lkje40gBL7JepgZuSbz8FjYMZdHKHaFVmC1mQUO3TV ToAc5MpLqXxikpr6hL3hi5MEUgDd4+VMO4dbQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; b=LJF691qMtLvHxfodOny62Lpjhj0nsZhvehAanwa4vC8gZujTGhfFo7CdAMe073JpWC jwxTeLRc4y/ipoqO+uSRMe7LN6BLqOXqy8vEwpkNQglNvvQ+o46jG8kYEsPoT3DP1YJC Rg0puQC4YreRxotcDmAWc7I86AkHz3Y/0+8ac= MIME-Version: 1.0 Sender: billzajac@gmail.com Received: by 10.220.78.218 with SMTP id m26mr2622179vck.30.1254844261454; Tue, 06 Oct 2009 08:51:01 -0700 (PDT) In-Reply-To: References: Date: Tue, 6 Oct 2009 08:51:01 -0700 X-Google-Sender-Auth: f27d6afa34552e2e Message-ID: Subject: Re: PATCH ] - mod_rewrite and CONNECT requests From: Bill Zajac To: dev@httpd.apache.org Content-Type: multipart/alternative; boundary=001636284fd873d6a104754632b6 X-Virus-Checked: Checked by ClamAV on apache.org --001636284fd873d6a104754632b6 Content-Type: text/plain; charset=ISO-8859-1 Thank you for committing this to the trunk. Is there any chance of getting this added to 2.2.x also? Thanks again, BillZ On Mon, Oct 5, 2009 at 12:23 PM, Bill Zajac wrote: > I hope someone from the official dev team can merge this into the next > release of apache httpd. > > Please find attached an svn diff made against revision 820823 of: > > http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c > > This diff fixes the Bug 29744 on the Bugzilla: > Bug: https://issues.apache.org/bugzilla/show_bug.cgi?id=47928 > Patch: https://issues.apache.org/bugzilla/attachment.cgi?id=24329 > > This fix allows mod_rewrite to handle CONNECT requests (by not trying to > fully qualify the substitution string). > The current behavior is that mod_rewrite tries to connect to > http[s]://ourhost[:ourport]/host:port. > > I checked with the RFC (http://www.ietf.org/rfc/rfc2817.txt): > A CONNECT method requests that a proxy establish a tunnel connection > on its behalf. The Request-URI portion of the Request-Line is always > an 'authority' as defined by URI Generic Syntax [2], which is to say > the host name and port number destination of the requested connection > separated by a colon: > > CONNECT server.example.com:80 HTTP/1.1 > Host: server.example.com:80 > This patch will allow a CONNECT request to simply connect to the host:port > specified in the substitution string of the rewrite rule. > > Hopefully this is enough detail to help. > > Thank you, > BillZ > --001636284fd873d6a104754632b6 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Thank you for=A0committing=A0this to the trunk. =A0Is there any chance of g= etting this added to 2.2.x also?

Thanks again,
BillZ

On Mon, Oct 5, 2009 at 12:23 PM, B= ill Zajac <bill= z@consultla.com> wrote:
I hope someone from the official dev t= eam can merge this into the next release of apache httpd.

Please find attached an svn diff made against revision 820823 of:

This diff fixes the Bug 29744 on the Bugzilla:
=A0=A0Bug: https://issues.apache.org/bugzilla/show_bug.cgi= ?id=3D47928
=A0=A0
This fix allows mod_rewrite t= o handle CONNECT requests (by not trying to fully qualify the substitution = string).
The current behavior is that mod_rewrite tries to connect to http[s]:/= /ourhost[:ourport]/host:port.

I checked with the R= FC (http:= //www.ietf.org/rfc/rfc2817.txt):
=A0=A0 A CONNECT method requests that a proxy establish a tunnel conne= ction
=A0=A0 on its behalf. The Request-URI portion of the Reques= t-Line is always
=A0=A0 an 'authority' as defined by URI = Generic Syntax [2], which is to say
=A0=A0 the host name and port number destination of the requested conn= ection
=A0=A0 separated by a colon:

=A0= =A0 =A0 =A0CONNECT server.example.com:80 HTTP/1.1
=A0=A0 =A0 =A0Host: server.example.com:80
This patch will allow a CONNEC= T request to simply connect to the host:port specified in the substitution = string of the rewrite rule.

Hopefully this is enough detail to help.

=
Thank you,
BillZ

--001636284fd873d6a104754632b6--