httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Fwd: svn commit: r1031758 - in /httpd/httpd/trunk: CHANGES modules/proxy/mod_proxy.c
Date Sat, 23 Mar 2013 20:54:15 GMT
I don't remember this at all, is it completely wrong?

I guess at the very least If you proxied in per-directory rewrite, you
could make use of ProxyPassReverse in <Directory> all things being
equal.

https://issues.apache.org/bugzilla/show_bug.cgi?id=47765
https://issues.apache.org/bugzilla/show_bug.cgi?id=54616


---------- Forwarded message ----------
From:  <covener@apache.org>
Date: Fri, Nov 5, 2010 at 4:03 PM
Subject: svn commit: r1031758 - in /httpd/httpd/trunk: CHANGES
modules/proxy/mod_proxy.c
To: cvs@httpd.apache.org


Author: covener
Date: Fri Nov  5 20:03:02 2010
New Revision: 1031758

URL: http://svn.apache.org/viewvc?rev=1031758&view=rev
Log:
PR47765: ProxyPass and ProxyPassReverse should not be accepted in
Directory or Files sections.


Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/proxy/mod_proxy.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1031758&r1=1031757&r2=1031758&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Nov  5 20:03:02 2010
@@ -6,6 +6,9 @@ Changes with Apache 2.3.9
      Fix a denial of service attack against mod_reqtimeout.
      [Stefan Fritsch]

+  *) mod_proxy: Don't allow ProxyPass or ProxyPassReverse in
+     <Directory> or <Files>. PR47765 [Eric Covener]
+
   *) prefork/worker/event MPMS: default value (when no directive is present)
      of MaxConnectionsPerChild/MaxRequestsPerChild is changed to 0 from 10000
      to match default configuration and manual. PR47782 [Eric Covener]

Modified: httpd/httpd/trunk/modules/proxy/mod_proxy.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy.c?rev=1031758&r1=1031757&r2=1031758&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy.c (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy.c Fri Nov  5 20:03:02 2010
@@ -1337,6 +1337,12 @@ static const char *
     int i;
     int use_regex = is_regex;
     unsigned int flags = 0;
+    const char *err;
+
+    err = ap_check_cmd_context(cmd, NOT_IN_DIRECTORY|NOT_IN_FILES);
+    if (err) {
+        return err;
+    }

     while (*arg) {
         word = ap_getword_conf(cmd->pool, &arg);
@@ -1490,6 +1496,12 @@ static const char * add_pass_reverse(cmd
     const char *fake;
     const char *real;
     const char *interp;
+    const char *err;
+
+    err = ap_check_cmd_context(cmd, NOT_IN_DIRECTORY|NOT_IN_FILES);
+    if (err) {
+        return err;
+    }

     if (cmd->path == NULL) {
         if (r == NULL || !strcasecmp(r, "interpolate")) {




--
Eric Covener
covener@gmail.com

--
Eric Covener
covener@gmail.com

Mime
View raw message