httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kalyana sundaram <kalyan...@gmail.com>
Subject [users@httpd] Issue with LimitRequestBody
Date Mon, 20 Jan 2014 10:31:14 GMT
Hi
I am using httpd-2.2.26. Whenever I use LimitRequestBody directive Apache
gives 413 to user if content length is greater than the value specified in
directive but logs as 200. It even appends the response html along with
error document. This problem happens in httpd-2.4.4 also
On further debugging 2.2.26 with gdb i found the problem occurs in
modules/http/http_request.c (ap_process_request) line 291

if (access_status == OK) {
        ap_finalize_request_protocol(r);
    }
    else {
        r->status = HTTP_OK;
        ap_die(access_status, r);
    }


the access_status for request which are to reponsed to 413 is not OK(it is
-3). So it reaches else part, which sets status as 200 and calls ap_die
If I make the change as

if (access_status == OK||r->status==413) {
        ap_finalize_request_protocol(r);
    }
    else {
        r->status = HTTP_OK;
        ap_die(access_status, r);
    }

It works fine, I know this is small hack to hide the issue. Is there a open
bug in httpd for this?
Does this change causes any performance issue/ failures?
Let me know is there a cleaner way to enforce LimitRequestBody
-- 
Kalyanasundaram
http://blogs.eskratch.com/
https://github.com/kalyanceg/

Mime
View raw message