core: Disallow Methods' registration at run time (.htaccess), they may be
used only if registered at init time (httpd.conf).
Calling ap_method_register() in children processes is not the right scope
since it won't be shared for all requests.
Reviewed by: ylavic, covener, icing
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1807754 13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.4.28
+ *) core: Disallow Methods' registration at runtime (.htaccess), they may be
+ used only if registered at init time (httpd.conf). [Yann Ylavic]
+
*) mod_ssl, ab: Fix compatibility with LibreSSL. PR 61184.
[Bernard Spil <brnrd freebsd.org>, Michael Schlenker <msc contact.de>,
Yann Ylavic]
2.4.x patch svn merge -c 1745039 ^/httpd/httpd/trunk .
+1: jim, ylavic, icing
- *) core: Disallow Methods' registration at runtime (.htaccess), they may be
- used only if registered at init time (httpd.conf).
- trunk patch: http://svn.apache.org/r1807655
- 2.4.x patch: svn merge -c 1807655 ^/httpd/httpd/trunk .
- (modulo CHANGES)
- +1: ylavic, covener, icing
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
/* method has not been registered yet, but resource restriction
* is always checked before method handling, so register it.
*/
+ if (cmd->pool == cmd->temp_pool) {
+ /* In .htaccess, we can't globally register new methods. */
+ return apr_psprintf(cmd->pool, "Could not register method '%s' "
+ "for %s from .htaccess configuration",
+ method, cmd->cmd->name);
+ }
methnum = ap_method_register(cmd->pool,
apr_pstrdup(cmd->pool, method));
}
projects / apache / commitdiff