Merge r1371878 from trunk:

Apache does not tolerate deliberate abuse of open standards

Submitted by: fielding
Reviewed/backported by: jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1373085 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/STATUS b/STATUS
index 2ac399ca34e6481b9ce08a058fa28deafa734fcc..937e338681f290f693ec3a27276e9dfe9ef6f9f3 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -93,17 +93,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
      2.4.x patch: trunk patch works
      +1: rjung, humbedooh, trawick (needs CHANGES entry)
 
-   * httpd.conf.in: remove DNT header field from MSIE 10.0 requests because
-       the browser is deliberately violating the standard under development.
-     trunk patch: http://svn.apache.org/viewvc?rev=1371878&view=rev
-     2.4.x patch: trunk patch works
-       +1: fielding, gstein, jim
-       rjung: What about not needing mod_setenvif:
-     RequestHeader unset DNT "expr=%{HTTP_USER_AGENT} -strmatch '*MSIE 10.0;*'"
-         -- fielding: I prefer the separate syntax.  I want the env variable
-               to be set for apps/logging, and it allows the same treatment
-               to be applied to other user agents that go bad.
-
    * Correctly log the error returned by apr_dbd_pvselect().
      trunk patch: http://svn.apache.org/viewvc?view=rev&rev=1364229
      2.4.x patch: trunk patch works

diff --git a/docs/conf/httpd.conf.in b/docs/conf/httpd.conf.in
index 3e01d4fd7711c0395249734ecb824edeb183dc55..a46499dd3b5234a2539c0fe849c6edd8c33e0c57 100644 (file)
--- a/docs/conf/httpd.conf.in
+++ b/docs/conf/httpd.conf.in
@@ -406,3 +406,13 @@ Include @rel_sysconfdir@/extra/proxy-html.conf
 SSLRandomSeed startup builtin
 SSLRandomSeed connect builtin
 </IfModule>
+
+# Deal with user agents that deliberately violate open standards
+#
+<IfModule setenvif_module>
+BrowserMatch "MSIE 10.0;" bad_DNT
+</IfModule>
+<IfModule headers_module>
+RequestHeader unset DNT env=bad_DNT
+</IfModule>
+