Paul Querna said:
I would like to roll another alpha on this Friday, June 24th.
I hope to resolve these issues that blocked 2.1.5 from going out:
1) Compile on Win32.
2) Proper use of strcasecmp to check for identity encoding. (d'oh)
3) Fix any cases where the protocol is not set/NULL.
I need to write an input filter that is able to change the value of some cookies. However the name of the cookie to be changed is a per- directory value. So i have an input filter whose behavior depends programmatically from per-directory configuration. How should i gain information about per -dir
Hi,
What do you think of bug #35280 and the patch attached to fix it. I think at
least handling the response 522: Protocol not supported correctly (as RFC
2428 suggests) is important. Handling the response 505: Command Blocked is
not that vital but I suppose including it also in the patch
luca regini wrote:
I need to write an input filter that is able to change the value of some
cookies. However the name of the cookie to be changed is a per- directory
value. So i have an input filter whose behavior depends programmatically
from per-directory configuration. How should i gain
I am not able to find any example of use of this hook to alter the value of a cookie. For my ( limited and erroneous) understanding an hook cannot alter requestsnor produce content. Thisare tasks made for filters.
Luca
On 6/22/05, Nick Kew [EMAIL PROTECTED] wrote:
luca regini wrote: I need to
I add to my previous mail that thectx parameter in the ap_add_output_filter function can be used to pass an arbitrary structure to the filter. So this should be the right place to pass information to the filter.
Luca
On 6/22/05, Nick Kew [EMAIL PROTECTED] wrote:
luca regini wrote: I need to
I've spent a large number of cycles investigating the Watchfire report
(http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf) and
come up with a genuine reason to adopt the attached patch.
One advantage of TRACE is to determine exactly what the server thinks
it just saw. This is ideal
At 02:55 AM 6/22/2005, Graham Leggett wrote:
There was an outstanding bug report which complained that the Microsoft
LDAP libraries used to build the Windows mod_ldap binary were too old - is
it possibl to make sure that the most recent service pack of the LDAP
client library is used for any of
At 02:12 AM 6/20/2005, Paul Querna wrote:
William A. Rowe, Jr. wrote:
Also, possibly across platforms is a fault in ssl_engine_init,
where the host-protocol is still NULL, and we are trying to
strcmp it to 'https'. I spent part of my weekend trying to
grok what change has broken this, but strcmp
Nick Kew wrote:
On Tuesday 21 June 2005 21:32, arebassa arebassa wrote:
Hi all,
I'm very newbie to apache development and I'd like to know more
about it. Is there any documentation about the functionalities of the
differents parts of code? how the code is structured? what is a bucket
William A. Rowe, Jr. wrote:
At 02:12 AM 6/20/2005, Paul Querna wrote:
William A. Rowe, Jr. wrote:
Also, possibly across platforms is a fault in ssl_engine_init,
where the host-protocol is still NULL, and we are trying to
strcmp it to 'https'. I spent part of my weekend trying to
At 08:56 AM 6/22/2005, William A. Rowe, Jr. wrote:
Unfortunately, TRACE does not support request bodies(*) (RFC2616 9.8;
A TRACE request MUST NOT include an entity.), so it turned out
to be somewhat useless, initially.
FYI there is one small issue still. The resulting Allow: null
response to
At 01:57 AM 6/20/2005, jean-frederic clere wrote:
I still need some more time to check POST with 2 different content-lengths and
GET with content-length.
Well, GET with c-l is permitted. 2 C-L headers would be rejected
due to the '##, ##' format, where the ', ' is non-numeric.
After your
Joe Orton wrote:
On Wed, Jun 22, 2005 at 03:02:50PM -0500, William Rowe wrote:
Prior to either patch we totally mishandled such requests. So the
only question which remains is; which behavior do we prefer?
As the RFC states this is not acceptable, my gut says reject ANY
request with both
Akins, Brian wrote:
On 6/21/05 5:29 PM, Nick Kew [EMAIL PROTECTED] wrote:
(2) http://www.apachecon.com/ - come to our module developers tutorial
and other talks.
When will there be another apachecon US?
December.
--
ApacheCon Europe http://www.apachecon.com/
On 6/22/05, Paul Querna [EMAIL PROTECTED] wrote:
Joe Orton wrote:
On Wed, Jun 22, 2005 at 03:02:50PM -0500, William Rowe wrote:
Prior to either patch we totally mishandled such requests. So the
only question which remains is; which behavior do we prefer?
As the RFC states this is not
APACHE 2.0 STATUS: -*-text-*-
Last modified at [$Date: 2005-06-20 01:47:52 -0400 (Mon, 20 Jun 2005) $]
The current version of this file can be found at:
http://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x/STATUS
Release history:
2.0.55 :
APACHE 2.1 STATUS: -*-text-*-
Last modified at [$Date: 2005-06-17 03:03:13 -0400 (Fri, 17 Jun 2005) $]
The current version of this file can be found at:
http://svn.apache.org/repos/asf/httpd/httpd/trunk/STATUS
Release history:
[NOTE that only
++1 To Joe's comments.
Jeff's fix is technically right, but scares the nibbles out
of me. If, for example, an exploit is able to inject the
T-E on top of the legit C-L, I really suspect we should not
trust the origin server at all.
For origin servers (as opposed to clients) make this choice
Hi list !
A few weeks ago, I showed interest in participating to mod_mbox
development. As a proof of my will to become part of the team, I've
already made two interesting improvements to actual module code :
- Email obfuscation (patch submitted last week to this list)
- A brand new XML+XSLT
httpd-test/perl-framework STATUS: -*-text-*-
Last modified at [$Date: 2004-11-24 19:36:41 -0500 (Wed, 24 Nov 2004) $]
Stuff to do:
* finish the t/TEST exit code issue (ORed with 0x2C if
framework failed)
* change existing tests that frob the
flood STATUS: -*-text-*-
Last modified at [$Date: 2004-11-24 19:36:41 -0500 (Wed, 24 Nov 2004) $]
Release:
1.0: Released July 23, 2002
milestone-03: Tagged January 16, 2002
ASF-transfer: Released July 17, 2001
22 matches
Mail list logo