https://bz.apache.org/bugzilla/show_bug.cgi?id=65725
--- Comment #4 from farhanz <[email protected]> --- The way our configuration works is that the request is authenticated first. This is handled by an FCGI Authorizer module. The way httpd talks to this authorizer module is via mod_authnz_fcgi. We don't have mod_proxy[_http] configured for this request. Outlining the request flow: 1. The curl HTTP client performs a POST. Since the payload is over a KB, curl, by default, attaches the Expect: 100-Continue request header. 2. Apache httpd receives the request. Based on our config, the request is first routed to the authorizer module for authentication. Since authentication is successful, the module sets the response status code as HTTP 200. 3. mod_authnz_fcgi then updates the request_rec->status and request_rec->status_line fields to 200. 4. In modules/http/http_filters.c, prior to calling ap_send_interim_response, the code saves the 200 status code set by mod_authnz_fcgi and overwrites it with HTTP_CONTINUE. 5. However, the filters.c code does not update request->status_line (which is still 200). 6. Now in ap_send_interim_response, the interim status code to be sent is determined via reading r->status_line. Since this is set to 200, the interim response sent back to the client is 200. I believe status_line should be overwritten with 100 Continue just like the status is being overwritten with 100. This was handled in the previous code, via the following line which was removed in 2.4.47: tmp = apr_pstrcat(f->r->pool, AP_SERVER_PROTOCOL " ", ap_get_status_line(HTTP_CONTINUE), CRLF CRLF, NULL); -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
