It seems like this patch should be at a higher level. Don't we also
have problems with POST to any other sort of included subrequest
being transformed into a GET but retaining the content-length
or other irrelevant (nasty) headers?
Is there a more appropriate place to make this correction for the
benefit of all sorts of subrequest includes?
Bill
At 03:24 AM 11/8/2002, [EMAIL PROTECTED] wrote:
>brianp 2002/11/08 01:24:00
>
> Modified: . CHANGES
> modules/proxy proxy_http.c
> Log:
> When doing a GET of a proxied URL as a subrequest within
> a POSTed request, don't send the original POST's Content-Length
> as part of the header for the GET.
>
> Revision Changes Path
> 1.971 +4 -0 httpd-2.0/CHANGES
>
> Index: CHANGES
> ===================================================================
> RCS file: /home/cvs/httpd-2.0/CHANGES,v
> retrieving revision 1.970
> retrieving revision 1.971
> diff -u -r1.970 -r1.971
> --- CHANGES 7 Nov 2002 23:11:09 -0000 1.970
> +++ CHANGES 8 Nov 2002 09:24:00 -0000 1.971
> @@ -1,5 +1,9 @@
> Changes with Apache 2.0.44
>
> + *) Fix a bug in which mod_proxy sent an invalid Content-Length
> + when a proxied URL was invoked as a server-side include within
> + a page generated in response to a form POST. [Brian Pane]
> +
> *) Added code to process min and max file size directives and to
> init the expirychk flag in mod_disk_cache. Added a clarifying
> comment to cache_util. [Paul J. Reder]
>
>
>
> 1.164 +19 -0 httpd-2.0/modules/proxy/proxy_http.c
>
> Index: proxy_http.c
> ===================================================================
> RCS file: /home/cvs/httpd-2.0/modules/proxy/proxy_http.c,v
> retrieving revision 1.163
> retrieving revision 1.164
> diff -u -r1.163 -r1.164
> --- proxy_http.c 25 Oct 2002 20:58:55 -0000 1.163
> +++ proxy_http.c 8 Nov 2002 09:24:00 -0000 1.164
> @@ -597,7 +597,26 @@
> || !apr_strnatcasecmp(headers_in[counter].key,
>"If-None-Match")) {
> continue;
> }
> +
> + /* If you POST to a page that gets server-side parsed
> + * by mod_include, and the parsing results in a reverse
> + * proxy call, the proxied request will be a GET, but
> + * its request_rec will have inherited the Content-Length
> + * of the original request (the POST for the enclosing
> + * page). We can't send the original POST's request body
> + * as part of the proxied subrequest, so we need to avoid
> + * sending the corresponding content length. Otherwise,
> + * the server to which we're proxying will sit there
> + * forever, waiting for a request body that will never
> + * arrive.
> + */
> + if ((r->method_number == M_GET) && headers_in[counter].key &&
> + !apr_strnatcasecmp(headers_in[counter].key,
> + "Content-Length")) {
> + continue;
> + }
> }
> +
>
> buf = apr_pstrcat(p, headers_in[counter].key, ": ",
> headers_in[counter].val, CRLF,
>
>
>
