]> granicus.if.org Git - apache/commitdiff
remove r1792169 taint checks from proxy and status modules
authorEric Covener <covener@apache.org>
Fri, 26 May 2017 21:50:33 +0000 (21:50 +0000)
committerEric Covener <covener@apache.org>
Fri, 26 May 2017 21:50:33 +0000 (21:50 +0000)
Both of these checks are problematic without further
work.

status: even a .htaccess with no SetHandler blocks the handler.
proxy: RewriteRule ... ... [P] in htaccess is blocked.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796352 13f79535-47bb-0310-9956-ffa450edef68

modules/generators/mod_status.c
modules/proxy/mod_proxy.c

index db44e98d2d96ba235dfec961bfed5be1e51def6f..12801f94ceccb79cbe3dd0b9524e8f86a3f11715 100644 (file)
@@ -213,13 +213,6 @@ static int status_handler(request_rec *r)
         return DECLINED;
     }
 
-    /* A request that has passed through .htaccess has no business
-     * landing up here.
-     */
-    if (ap_request_tainted(r, AP_TAINT_HTACCESS)) {
-        return DECLINED;
-    }
-
 #ifdef HAVE_TIMES
     times_per_thread = getpid() != child_pid;
 #endif
index b8281e0b542bab5885c9f4b037264021ecfc47ee..3ed3b43b8906c09fcf791b830d93af0ecc99e811 100644 (file)
@@ -932,14 +932,6 @@ static int proxy_fixup(request_rec *r)
     if (!r->proxyreq || !r->filename || strncmp(r->filename, "proxy:", 6) != 0)
         return DECLINED;
 
-    /* A request that has passed through .htaccess has no business
-     * serving contents from so far outside its directory.
-     * Since we're going to decline it, don't waste time here.
-     */
-    if (ap_request_tainted(r, AP_TAINT_HTACCESS)) {
-        return DECLINED;
-    }
-
     /* XXX: Shouldn't we try this before we run the proxy_walk? */
     url = &r->filename[6];