From: Cliff Woolley Date: Mon, 22 Apr 2002 08:08:38 +0000 (+0000) Subject: AcceptPathInfo was totally backwards... it would reject when set to on and X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=139f9615419875be2b4d2c2b49323c747a936408;p=apache AcceptPathInfo was totally backwards... it would reject when set to on and by default and accept when set to off for the default handler, and would reject only if set to accept for mod_cgi(d) and mod_isapi. PR: 8234 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94751 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index bcd711c8f1..1550de2b3a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,7 @@ Changes with Apache 2.0.36 + + *) Fix AcceptPathInfo. PR 8234 [Cliff Woolley] + *) [Security] Added the APLOG_TOCLIENT flag to ap_log_rerror() to explicitly tell the server that warning messages should be sent to the client in addition to being recorded in the error log. diff --git a/modules/arch/win32/mod_isapi.c b/modules/arch/win32/mod_isapi.c index c53d2d0b7e..7a155129e3 100644 --- a/modules/arch/win32/mod_isapi.c +++ b/modules/arch/win32/mod_isapi.c @@ -362,8 +362,12 @@ apr_status_t isapi_handler (request_rec *r) if (r->finfo.filetype != APR_REG) return HTTP_FORBIDDEN; - if (r->path_info && *r->path_info && !r->used_path_info) + if ((r->used_path_info == AP_REQ_REJECT_PATH_INFO) && + r->path_info && *r->path_info) + { + /* default to accept */ return HTTP_NOT_FOUND; + } /* Load the isapi extention without caching (sconf == NULL) * but note that we will recover an existing cached module. diff --git a/modules/generators/mod_cgi.c b/modules/generators/mod_cgi.c index 92c7663185..70cdf96cf2 100644 --- a/modules/generators/mod_cgi.c +++ b/modules/generators/mod_cgi.c @@ -627,7 +627,10 @@ static int cgi_handler(request_rec *r) return log_scripterror(r, conf, HTTP_FORBIDDEN, 0, "attempt to invoke directory as script"); - if (r->path_info && *r->path_info && !r->used_path_info) { + if ((r->used_path_info == AP_REQ_REJECT_PATH_INFO) && + r->path_info && *r->path_info) + { + /* default to accept */ return log_scripterror(r, conf, HTTP_NOT_FOUND, 0, "AcceptPathInfo off disallows user's path"); } diff --git a/modules/generators/mod_cgid.c b/modules/generators/mod_cgid.c index c20e784091..82b26b4006 100644 --- a/modules/generators/mod_cgid.c +++ b/modules/generators/mod_cgid.c @@ -1063,7 +1063,10 @@ static int cgid_handler(request_rec *r) return log_scripterror(r, conf, HTTP_FORBIDDEN, 0, "attempt to invoke directory as script"); - if (r->path_info && *r->path_info && !r->used_path_info) { + if ((r->used_path_info == AP_REQ_REJECT_PATH_INFO) && + r->path_info && *r->path_info) + { + /* default to accept */ return log_scripterror(r, conf, HTTP_NOT_FOUND, 0, "AcceptPathInfo off disallows user's path"); } diff --git a/server/core.c b/server/core.c index c5685b9de3..a83044d2a5 100644 --- a/server/core.c +++ b/server/core.c @@ -3102,11 +3102,11 @@ static int core_override_type(request_rec *r) /* Deal with the poor soul who is trying to force path_info to be * accepted within the core_handler, where they will let the subreq - * address it's contents. This is toggled by the user in the very + * address its contents. This is toggled by the user in the very * beginning of the fixup phase, so modules should override the user's - * discresion in their own module fixup phase. It is tristate, if + * discretion in their own module fixup phase. It is tristate, if * the user doesn't specify, the result is 2 (which the module may - * interpret to it's own customary behavior.) It won't be tounched + * interpret to its own customary behavior.) It won't be touched * if the value is no longer undefined (2), so any module changing * the value prior to the fixup phase OVERRIDES the user's choice. */ @@ -3187,7 +3187,10 @@ static int default_handler(request_rec *r) return HTTP_NOT_FOUND; } - if (!(r->used_path_info & 1) && r->path_info && *r->path_info) { + if ((r->used_path_info != AP_REQ_ACCEPT_PATH_INFO) && + r->path_info && *r->path_info) + { + /* default to reject */ ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r, "File does not exist: %s", apr_pstrcat(r->pool, r->filename, r->path_info, NULL)); @@ -3939,10 +3942,10 @@ static int core_create_req(request_rec *r) ap_set_module_config(r->request_config, &core_module, req_cfg); - /* Begin by presuming any module can make it's own path_info assumptions, + /* Begin by presuming any module can make its own path_info assumptions, * until some module interjects and changes the value. */ - r->used_path_info = 2; + r->used_path_info = AP_REQ_DEFAULT_PATH_INFO; return OK; }