-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) core: Drop an invalid Last-Modified header value coming
+ from a FCGI/CGI script instead of replacing it with Unix epoch.
+ [Luca Toscano]
+
*) mod_dav: Allow other modules to become providers and add ACLs
to the DAV response.
[Jari Urpalainen <jari.urpalainen nokia.com>, Graham Leggett]
}
/*
* If the script gave us a Last-Modified header, we can't just
- * pass it on blindly because of restrictions on future values.
+ * pass it on blindly because of restrictions on future or invalid values.
*/
else if (!ap_cstr_casecmp(w, "Last-Modified")) {
- ap_update_mtime(r, apr_date_parse_http(l));
- ap_set_last_modified(r);
+ apr_time_t last_modified_date = apr_date_parse_http(l);
+ if (last_modified_date != APR_DATE_BAD) {
+ ap_update_mtime(r, last_modified_date);
+ ap_set_last_modified(r);
+ }
+ else {
+ if (APLOGrtrace1(r))
+ ap_log_rerror(SCRIPT_LOG_MARK, APLOG_TRACE1, 0, r,
+ "Ignored invalid header value: Last-Modified: '%s'", l);
+ }
}
else if (!ap_cstr_casecmp(w, "Set-Cookie")) {
apr_table_add(cookie_table, w, l);