On Wed, Jul 19, 2006 at 12:13:11PM -0400, Joshua Slive wrote: > On 7/19/06, John Morrissey <[EMAIL PROTECTED]> wrote: > > On Tue, Jul 18, 2006 at 08:53:51PM -0400, Joshua Slive wrote: > > > Are any of the requests byte-ranges (response code 206). If so, see: > > > http://issues.apache.org/bugzilla/show_bug.cgi?id=29962 > > > > Some are, yes. It looks like the Debian 2.0.54-5 packages already > > include the patch attached to that bug (the one in the source package is > > identical to the one posted in the bug). > > > > I also looked at bug 23567 (and 34589, which is a duplicate) but the > > only filter we have enabled is INCLUDES (mod_include). None of the > > suspect requests was for server-parsed HTML *and* a byte-range request > > (206 response). > > Well, you should really upgrade to the most recent version to make > sure you have the official patch. You can also do the > RequestHeader unset Range > Header unset Accept-Ranges > hack.
We've been running the header modifications for three days now and haven't had a single child spiral out of control. I'm very surprised, since we're running the Debian package versioned 2.0.54-5, which includes the fix specified in Bug 29962 for CAN-2005-2728: http://packages.qa.debian.org/a/apache2/news/20050908T181706Z.html I checked it against revision 239378 in the 2.0.x branch; the Debian patch is essentially identical: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/modules/http/http_protocol.c?r1=151405&r2=239378&view=patch I even checked the package build process, and the patch is being included during the build. I'm not sure how to react to this; perhaps this is a different problem that has similar symptoms/workarounds? Should I try following up to the relevant Debian and/or Apache bugs? Thanks again for all your help, Joshua. john -- John Morrissey _o /\ ---- __o [EMAIL PROTECTED] _-< \_ / \ ---- < \, www.horde.net/ __(_)/_(_)________/ \_______(_) /_(_)__ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
