httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Darroch <>
Subject Re: svn commit: r1357986 - /httpd/mod_fcgid/trunk/modules/fcgid/fcgid_bridge.c
Date Thu, 03 Oct 2013 05:06:54 GMT
Chris Darroch wrote:

>    The intent of r1357986 was to deal with a particular, wonky
> sub-case, when the Authorizer returns 200 (so the spec paragraph
> doesn't apply in this case, as it's a 200 OK response), but adds
> a Location header with a relative (not absolute) path.  In this case,
> 2.3.7 and previous will run the sub-request and return whatever comes
> out of that -- sometimes munging the end result as a consequence.
> (Note that a 200 with an absolute URL in a Location header just produces
> a 401 response.)

   Actually, I have to take back that last parenthetical note --
with 2.3.7, a 200 + absolute Location URL produces a 302 + Location header,
and with trunk, it produces a 401 like other 200 + Location header cases.

   That might be, I suppose, considered a regression ... let me
think on it a bit.  It's not covered by the spec case you mention, since
the script is returning 200.  The 2.3.7 behaviour is inconsistent depending
on the nature of the URL in the Location header, given a 200.  Trunk
makes that behaviour consistent, but perhaps that's a regression?  Hmm.


GPG Key ID: 088335A9
GPG Key Fingerprint: 86CD 3297 7493 75BC F820  6715 F54F E648 0883 35A9

View raw message