httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Mansfield <>
Subject Re: help with fixing a mod_auth_form bug regarding kept_body
Date Wed, 08 May 2013 14:34:46 GMT

On 05/03/2013 05:28 PM, David Mansfield wrote:
> I'm hitting this bug (I think):
> This bug makes the mode described in the docs. for mod_auth_form 
> called "Inline with Body Preservation" impossible, because it's 
> impossible to access the POSTed data from inside the login handler. 
> (I've tried using a cgi like /cgi-bin/login.cgi, and via mod_include 
> using smth like /login.shtml and KeptBodySize).
> The magic, or lack thereof, occurs at around line 979 of mod_auth_form.c.
> The code sets up a subrequest and uses that to ap_parse_form_data().  
> The kept_body_filter is not invoked until after this happens, which 
> could be the crux of the problem.
> Unfortunately I don't know much about apache internals and perhaps a 
> few minutes of expert guidance could point me in the right direction 
> for how to fix this.
> It doesn't seem that ap_parse_form_data has any provision for saving 
> the brigade anywhere so I imagine this will have to be done via a 
> kept_body, but I'm really lost at this point.
> Any ideas?

I've tried extensively to debug this - but it seems the kept_body is not 
passed properly to the request in "internal_internal_redirect" and that 
also the "f->ctx" (filter context variable) is not passed on either, and 
without these two things it is hopeless. Maybe this is intentional for 
"ErrorDocument" handling, but it makes this particular (documented) 
feature completely broken AFACT.

If there's someone on the list that can provide any feedback whatsoever 
it would be really helpful.

Can anyone confirm that "inline login with body preservation" has ever 
worked in any situation for them?

View raw message