Hi Apache devs! I have been working on an email thread [1] in the users@ mailing list in which it was asked some questions about how httpd (using mod-proxy-fcgi) manages Last-Modified headers returned by FCGI/CGI scripts. Two strange behaviors were brought up:
1) Last-Modified: foo returned by a simple PHP script forces httpd to replace it with Thu, 01 Jan 1970 00:00:00 GMT. Patch proposed to backport: http://svn.apache.org/r1748379 2) Last-Modified header value with a date not in GMT are replaced with (now() + time taken to serve the request) without any trace in the logs. This seems to be due to httpd recognizing the date as "in the future" and replacing it with its response origination time (following https://tools.ietf.org/html/rfc2616#section-14.29). To demonstrate 2), Manuel in users@ suggested a simple PHP script returning the current datetime in the Europe/Paris timezone (GMT +2). I tried to check the code and I came up with two possible solutions: 1) mod-proxy-fcgi eventually triggers a call to ap_scan_script_header_err_core_ex in util_script.c that uses apr_date_parse_http to transform a datestring into a unix timestamp. This one seems not to check the timezone, assuming GMT all the times. It might be an option to add a check in the code to return APR_DATE_BAD in case the datetime is not GMT, and then r1748379 will take care of the rest. This could potentially break existing code that relies on this behavior to work correctly. 2) Simply log what httpd does, for example with http://apaste.info/8pa or http://apaste.info/JlZ (wording might need to be changed). Any suggestion? Regards, Luca [1]: https://lists.apache.org/thread.html/63e7aaaa0b8f9e1ebfec8d169d6cdd51875db77ff8161a7936419be4@1464608714@%3Cusers.httpd.apache.org%3E