Remove the base href tag from mod_proxy_ftp, as it breaks relative

links for clients not using an Authorization header.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@231044 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 14ab18208ce1a1e6b71216f28217c61b4a03999f..20a86ba00498cfcc32270c669a2e92f957adff25 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,10 @@
                                                         -*- coding: utf-8 -*-
 Changes with Apache 2.3.0
+
+  *) Remove the base href tag from mod_proxy_ftp, as it breaks relative
+     links for clients not using an Authorization header. [Graham Leggett,
+     Jon Snow <jsnow27 gatesec.net>]
+
   *) Teach mod_ssl to use arbitraty OIDs in an SSLRequire directive,
      allowing string-valued client certificate attributes to be used for
      access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")

diff --git a/modules/proxy/mod_proxy_ftp.c b/modules/proxy/mod_proxy_ftp.c
index 2d53dea13bc497439eb73c1d4339423d4e79cd05..1465827dfc7a5df661cc5403f4414035f88fb739 100644 (file)
--- a/modules/proxy/mod_proxy_ftp.c
+++ b/modules/proxy/mod_proxy_ftp.c
@@ -352,11 +352,10 @@ static apr_status_t proxy_send_dir_filter(ap_filter_t *f,
         /* print "ftp://host/" */
         str = apr_psprintf(p, DOCTYPE_HTML_3_2
                 "<html>\n <head>\n  <title>%s%s%s</title>\n"
-                "  <base href=\"%s%s%s\">\n </head>\n"
+                " </head>\n"
                 " <body>\n  <h2>Directory of "
                 "<a href=\"/\">%s</a>/%s",
                 site, basedir, ap_escape_html(p, path),
-                site, basedir, ap_escape_uri(p, path),
                 site, str);
 
         APR_BRIGADE_INSERT_TAIL(out, apr_bucket_pool_create(str, strlen(str),