From: Eric Covener <covener@apache.org>
Date: Fri, 26 May 2017 21:50:33 +0000 (+0000)
Subject: remove r1792169 taint checks from proxy and status modules
X-Git-Tag: 2.5.0-alpha~402
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c46a62d72f3aab16fbfae1dfcb5a2cfc09d3a590;p=apache

remove r1792169 taint checks from proxy and status modules

Both of these checks are problematic without further
work.

status: even a .htaccess with no SetHandler blocks the handler.
proxy: RewriteRule ... ... [P] in htaccess is blocked.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1796352 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c
index db44e98d2d..12801f94ce 100644
--- a/modules/generators/mod_status.c
+++ b/modules/generators/mod_status.c
@@ -213,13 +213,6 @@ static int status_handler(request_rec *r)
         return DECLINED;
     }
 
-    /* A request that has passed through .htaccess has no business
-     * landing up here.
-     */
-    if (ap_request_tainted(r, AP_TAINT_HTACCESS)) {
-        return DECLINED;
-    }
-
 #ifdef HAVE_TIMES
     times_per_thread = getpid() != child_pid;
 #endif
diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
index b8281e0b54..3ed3b43b89 100644
--- a/modules/proxy/mod_proxy.c
+++ b/modules/proxy/mod_proxy.c
@@ -932,14 +932,6 @@ static int proxy_fixup(request_rec *r)
     if (!r->proxyreq || !r->filename || strncmp(r->filename, "proxy:", 6) != 0)
         return DECLINED;
 
-    /* A request that has passed through .htaccess has no business
-     * serving contents from so far outside its directory.
-     * Since we're going to decline it, don't waste time here.
-     */
-    if (ap_request_tainted(r, AP_TAINT_HTACCESS)) {
-        return DECLINED;
-    }
-
     /* XXX: Shouldn't we try this before we run the proxy_walk? */
     url = &r->filename[6];