Return-Path: <dev-return-88110-archive-asf-public=cust-asf.ponee.io@httpd.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 40FAB200BF4
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Fri,  6 Jan 2017 18:06:59 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id 3F9CC160B39; Fri,  6 Jan 2017 17:06:59 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 85974160B37
	for <archive-asf-public@cust-asf.ponee.io>; Fri,  6 Jan 2017 18:06:58 +0100 (CET)
Received: (qmail 91926 invoked by uid 500); 6 Jan 2017 17:06:52 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 91916 invoked by uid 99); 6 Jan 2017 17:06:52 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 06 Jan 2017 17:06:52 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id EF6F91A7C11
	for <dev@httpd.apache.org>; Fri,  6 Jan 2017 17:06:51 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.121
X-Spam-Level: 
X-Spam-Status: No, score=-0.121 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01,
	RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled
Authentication-Results: spamd2-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id hVaYNitSN4Lt for <dev@httpd.apache.org>;
	Fri,  6 Jan 2017 17:06:51 +0000 (UTC)
Received: from mail-pg0-f45.google.com (mail-pg0-f45.google.com [74.125.83.45])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id 9FA675F5C6
	for <dev@httpd.apache.org>; Fri,  6 Jan 2017 17:06:50 +0000 (UTC)
Received: by mail-pg0-f45.google.com with SMTP id 14so8917511pgg.1
        for <dev@httpd.apache.org>; Fri, 06 Jan 2017 09:06:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=subject:to:references:from:message-id:date:user-agent:mime-version
         :in-reply-to:content-transfer-encoding;
        bh=Vl4xeXvbvLWWnKlDtaHyghAUhrJ0mMxXMV/JwRlvUvA=;
        b=Zi/UrMyC421v9urPyZ228Tjxoc5HQSTtsMJ8NfTutsDSawcg7+Fo11ETqg0YKZ7EEr
         wkjee7ojOG4QJr0NFAgd+hZwg1wIFLY+cqmducP9G+fvAf8EGJFHRTAtB8F66mPWIpYR
         ujT1UYV7BvvoTpr2Pv2FABj9ud2CGqO3yYuAHOZbOp7CcljRYGdJ0G27yICbGqiLnUfM
         FBOdbz9/44rdAef2kDnKW5baynN1/eBWQ7rymWASLu3pIF/6Vmw6b2zAXJyFFY4xP3np
         tXdazmxOD8+Cm/QFECc4aKh9yID6i5I/jwdoHBrZ4wQ6VJX83+TyW0KhGPa13PpUuQD4
         Sbgg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-transfer-encoding;
        bh=Vl4xeXvbvLWWnKlDtaHyghAUhrJ0mMxXMV/JwRlvUvA=;
        b=UUjJgYU1zfekQKzlqUl0NrZ/pMZctVd9RUdEq2GCooGR6utp6bsHSAi4XX2ug32pty
         nIOrQotWDuUu6bQ8uJ48r193IeIo6p70Zb+UTV8xS1UdDrbRlug5CuORZOAvDFcMysZ2
         JRDwI52ZK2HZ8171/ZeFg82Bi/D95Kkg1JnWSaa04wEBQOWptJf2yDb4Ewq/Jj2F2Lg0
         Q1SMRzA4/u+b6T4c0I4U+HY7z4f6DVXffpjLFdIO6pAK5uya5dtWUDmZnR36eRUqG7N7
         e9qdi7aCt/krTBMN+AP39CG5AfiFmQF0ECOESHpGBFFzFSHvjW7bd4xn5ng7VFK0xcFk
         6Tng==
X-Gm-Message-State: AIkVDXIsUj2N2GyvLtfNZbuMMpwsoDt0Wj22FjetrDtOlNjGwJqEV3B4HNlBPQ9QFruIwg==
X-Received: by 10.84.128.46 with SMTP id 43mr169910685pla.100.1483722391003;
        Fri, 06 Jan 2017 09:06:31 -0800 (PST)
Received: from [192.168.1.7] (50-39-112-180.bvtn.or.frontiernet.net. [50.39.112.180])
        by smtp.gmail.com with ESMTPSA id 24sm161198929pfh.41.2017.01.06.09.06.30
        for <dev@httpd.apache.org>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 06 Jan 2017 09:06:30 -0800 (PST)
Subject: Re: svn commit: r1777460 -
 /httpd/httpd/trunk/modules/http/http_filters.c
To: dev@httpd.apache.org
References: <20170105123149.2C22D3A0252@svn01-us-west.apache.org>
From: Jacob Champion <champion.p@gmail.com>
Message-ID: <d7e80ab4-4c8b-565f-802a-519664348ec2@gmail.com>
Date: Fri, 6 Jan 2017 09:06:29 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <20170105123149.2C22D3A0252@svn01-us-west.apache.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
archived-at: Fri, 06 Jan 2017 17:06:59 -0000

On 01/05/2017 04:31 AM, ylavic@apache.org wrote:
> Author: ylavic
> Date: Thu Jan  5 12:31:48 2017
> New Revision: 1777460
>
> URL: http://svn.apache.org/viewvc?rev=1777460&view=rev
> Log:
> http: allow folding in check_headers(), still compliant with RFC 7230 (3.2.4).
>
> Modified:
>     httpd/httpd/trunk/modules/http/http_filters.c
>
> Modified: httpd/httpd/trunk/modules/http/http_filters.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/http/http_filters.c?rev=1777460&r1=1777459&r2=1777460&view=diff
> ==============================================================================
> [...]
> @@ -683,8 +726,10 @@ static APR_INLINE int check_headers(requ
>
>      ctx.r = r;
>      ctx.strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
> -    return apr_table_do(check_header, &ctx, r->headers_out, NULL) &&
> -           apr_table_do(check_header, &ctx, r->err_headers_out, NULL);
> +    ctx.unfold = (!r->content_type || strncmp(r->content_type,
> +                                              "message/http", 12));

I don't think this unfolding exception should exist, at least not in 
this part of the code. My reading of 7230 is not that folded headers are 
allowed when the Content-Type is message/http, but rather that folded 
headers are allowed *inside* the message/http payload body:

    This specification deprecates such
    line folding except within the message/http media type
    (Section 8.3.1). A sender MUST NOT generate a message that includes
    line folding (i.e., that has any field-value that contains a match to
    the obs-fold rule) unless the message is intended for packaging
    within the message/http media type.

IOW, the message/http payload body is allowed to be line-length limited, 
I assume because it's a message/* media type. But that doesn't apply to 
the HTTP-level headers.

--Jacob