From 22a08f2affdf1a26224b6ccc219ec9891ee70870 Mon Sep 17 00:00:00 2001 From: "William A. Rowe Jr" Date: Thu, 25 Aug 2016 01:48:36 +0000 Subject: [PATCH] Rebuild all git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1757590 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/mod/core.html.de | 4 +- docs/manual/mod/core.html.en | 42 +++++++++---------- docs/manual/mod/core.html.es | 4 +- docs/manual/mod/core.html.fr | 2 + docs/manual/mod/core.html.ja.utf8 | 4 +- docs/manual/mod/core.html.tr.utf8 | 4 +- docs/manual/mod/core.xml.de | 2 +- docs/manual/mod/core.xml.es | 2 +- docs/manual/mod/core.xml.fr | 2 +- docs/manual/mod/core.xml.ja | 2 +- docs/manual/mod/core.xml.meta | 2 +- docs/manual/mod/core.xml.tr | 2 +- docs/manual/mod/mod_rewrite.html.en | 6 +-- docs/manual/mod/mod_rewrite.html.fr | 2 + docs/manual/mod/mod_rewrite.xml.fr | 2 +- docs/manual/mod/mod_rewrite.xml.meta | 2 +- docs/manual/mod/quickreference.html.de | 4 +- docs/manual/mod/quickreference.html.en | 4 +- docs/manual/mod/quickreference.html.es | 4 +- docs/manual/mod/quickreference.html.ja.utf8 | 4 +- docs/manual/mod/quickreference.html.ko.euc-kr | 4 +- docs/manual/mod/quickreference.html.tr.utf8 | 4 +- .../manual/mod/quickreference.html.zh-cn.utf8 | 4 +- docs/manual/ssl/ssl_howto.html.fr | 2 + docs/manual/ssl/ssl_howto.xml.fr | 2 +- docs/manual/ssl/ssl_howto.xml.meta | 2 +- 26 files changed, 61 insertions(+), 57 deletions(-) diff --git a/docs/manual/mod/core.html.de b/docs/manual/mod/core.html.de index 360dc1dbd1..02c547a361 100644 --- a/docs/manual/mod/core.html.de +++ b/docs/manual/mod/core.html.de @@ -1557,9 +1557,9 @@ angegebenen MIME-Content-Type - diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en index 2afd3a25fd..f9cb5eede6 100644 --- a/docs/manual/mod/core.html.en +++ b/docs/manual/mod/core.html.en @@ -2031,9 +2031,9 @@ media type in the HTTP Content-Type header field
Beschreibung:Modify restrictions on HTTP Request Messages
Syntax:HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0]
Voreinstellung:HttpProtocolOptions Strict StrictURL LenientWhitespace +
Voreinstellung:HttpProtocolOptions Strict StrictURL StrictWhitespace LenientMethods Allow0.9
Kontext:Serverkonfiguration, Virtual Host
Status:Core
- @@ -2059,19 +2059,31 @@ LenientMethods Allow0.9 of this directive, all grammer rules of the specification are enforced in the default Strict operating mode.

-

RFC 7230 §2.2 and 2.3 define "Reserved Characters" and +

RFC 3986 §2.2 and 2.3 define "Reserved Characters" and "Unreserved Characters". All other character octets are required to be %XX encoded under this spec, and RFC7230 defers to these requirements. By default the StrictURI option will reject all requests containing invalid characters. This rule can be relaxed with the UnsafeURI option to support badly written user-agents.

-

Users are strongly cautioned against toggling the Unsafe - and UnsafeURI modes of operation, most especially on - outward-facing, publicly accessible server deployments. If an interface - is required of faulty monitoring or other custom software running only - on an intranet, users should consider toggling these only for a specific - virtual host configured on their private subnet.

+

RFC 7230 §3.5 "Message Parsing Robustness" permits, and + identifies potential risks of parsing messages containing non-space + character whitespace. While the spec defines that exactly one space + seperates the URI from the method, and the protocol from the URI, and + only space and horizontal tab characters are allowed in request header + field contents, the Apache HTTP Server was traditionally lenient in + accepting other whitespace. The default StrictWhitespace + option will now reject non-conforming requests. The administrator may + toggle the UnsafeWhitespace option to continue to honor + non-conforming requests, with considerable risk of proxy interactions.

+ +

Users are strongly cautioned against toggling the Unsafe, + UnsafeURI or UnsafeWhitespace modes of operation + particularly on outward-facing, publicly accessible server deployments. + If an interface is required for faulty monitoring or other custom service + consumers running on an intranet, users should toggle only those Unsafe + options which are necessary, and only on a specific virtual host configured + to service only their internal private network.

Reviewing the messages logged to the ErrorLog, configured with LogLevel info level, @@ -2079,18 +2091,6 @@ LenientMethods Allow0.9 Users should pay particular attention to any 400 responses in the access log for indiciations that valid requests are unexpectedly rejected.

-

RFC 7230 §3.5 "Message Parsing Robustness" permits, and - identifies potential risks of parsing messages containing non-space - character whitespace. While the spec defines that exactly one space - seperates the URI from the method, and the protocol from the URI, the - Apache HTTP Server has traditionally been lenient in accepting other - whitespace including one or more horizontal-tab or space characters. - The default LenientWhitespace continues to accept such - requests from non-conforming user-agents, but the administrator may toggle - the StrictWhitespace option to insist on precisely two spaces - in the request line. Other whitespace including vertical-tab, form-feed, - and carriage-return characters are rejected and cannot be supported.

-

RFC 7231 §4.1 "Request Methods" "Overview" requires that origin servers shall respond with an error when an unsupported method is encountered in the request line. This already happens when the diff --git a/docs/manual/mod/core.html.es b/docs/manual/mod/core.html.es index 2be9eb1d45..e5b14f6e37 100644 --- a/docs/manual/mod/core.html.es +++ b/docs/manual/mod/core.html.es @@ -1740,9 +1740,9 @@ media type in the HTTP Content-Type header field

Description:Modify restrictions on HTTP Request Messages
Syntax:HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0]
Default:HttpProtocolOptions Strict StrictURL LenientWhitespace +
Default:HttpProtocolOptions Strict StrictURL StrictWhitespace LenientMethods Allow0.9
Context:server config, virtual host
Status:Core
- diff --git a/docs/manual/mod/core.html.fr b/docs/manual/mod/core.html.fr index d059727788..afe28c369d 100644 --- a/docs/manual/mod/core.html.fr +++ b/docs/manual/mod/core.html.fr @@ -33,6 +33,8 @@  ja  |  tr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.
Descripción:Modify restrictions on HTTP Request Messages
Sintaxis:HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0]
Valor por defecto:HttpProtocolOptions Strict StrictURL LenientWhitespace +
Valor por defecto:HttpProtocolOptions Strict StrictURL StrictWhitespace LenientMethods Allow0.9
Contexto:server config, virtual host
Estado:Core
Description:Fonctionnalités de base du serveur HTTP Apache toujours disponibles
Statut:Core
diff --git a/docs/manual/mod/core.html.ja.utf8 b/docs/manual/mod/core.html.ja.utf8 index f99d518107..f5da5fc93e 100644 --- a/docs/manual/mod/core.html.ja.utf8 +++ b/docs/manual/mod/core.html.ja.utf8 @@ -1505,9 +1505,9 @@ request - diff --git a/docs/manual/mod/core.html.tr.utf8 b/docs/manual/mod/core.html.tr.utf8 index f3624a7066..dd06af7873 100644 --- a/docs/manual/mod/core.html.tr.utf8 +++ b/docs/manual/mod/core.html.tr.utf8 @@ -1972,9 +1972,9 @@ için iptal edilmiştir.
説明:Modify restrictions on HTTP Request Messages
構文:HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0]
デフォルト:HttpProtocolOptions Strict StrictURL LenientWhitespace +
デフォルト:HttpProtocolOptions Strict StrictURL StrictWhitespace LenientMethods Allow0.9
コンテキスト:サーバ設定ファイル, バーチャルホスト
ステータス:Core
- diff --git a/docs/manual/mod/core.xml.de b/docs/manual/mod/core.xml.de index 9a7dde9243..0896417870 100644 --- a/docs/manual/mod/core.xml.de +++ b/docs/manual/mod/core.xml.de @@ -1,7 +1,7 @@ - + + + diff --git a/docs/manual/mod/core.xml.ja b/docs/manual/mod/core.xml.ja index e4ed2af959..3b5b500619 100644 --- a/docs/manual/mod/core.xml.ja +++ b/docs/manual/mod/core.xml.ja @@ -1,7 +1,7 @@ - + + + diff --git a/docs/manual/mod/mod_rewrite.xml.meta b/docs/manual/mod/mod_rewrite.xml.meta index decc0a7b1e..0be21e86f4 100644 --- a/docs/manual/mod/mod_rewrite.xml.meta +++ b/docs/manual/mod/mod_rewrite.xml.meta @@ -8,6 +8,6 @@ en - fr + fr diff --git a/docs/manual/mod/quickreference.html.de b/docs/manual/mod/quickreference.html.de index 888bf0fcab..5841688ce2 100644 --- a/docs/manual/mod/quickreference.html.de +++ b/docs/manual/mod/quickreference.html.de @@ -542,8 +542,8 @@ heartbeat requests to this server + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] + [Allow0.9|Require1.0] diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en index edaafbf1b9..b2015fcfb3 100644 --- a/docs/manual/mod/quickreference.html.en +++ b/docs/manual/mod/quickreference.html.en @@ -537,8 +537,8 @@ heartbeat requests to this server + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] + [Allow0.9|Require1.0] diff --git a/docs/manual/mod/quickreference.html.es b/docs/manual/mod/quickreference.html.es index 1f1c2e2a30..e30ab1ff5c 100644 --- a/docs/manual/mod/quickreference.html.es +++ b/docs/manual/mod/quickreference.html.es @@ -540,8 +540,8 @@ heartbeat requests to this server + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] + [Allow0.9|Require1.0] diff --git a/docs/manual/mod/quickreference.html.ja.utf8 b/docs/manual/mod/quickreference.html.ja.utf8 index 64283d35e7..66174a8477 100644 --- a/docs/manual/mod/quickreference.html.ja.utf8 +++ b/docs/manual/mod/quickreference.html.ja.utf8 @@ -512,8 +512,8 @@ heartbeat requests to this server + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] + [Allow0.9|Require1.0] diff --git a/docs/manual/mod/quickreference.html.ko.euc-kr b/docs/manual/mod/quickreference.html.ko.euc-kr index 5901b22758..7924665afc 100644 --- a/docs/manual/mod/quickreference.html.ko.euc-kr +++ b/docs/manual/mod/quickreference.html.ko.euc-kr @@ -509,8 +509,8 @@ heartbeat requests to this server + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] + [Allow0.9|Require1.0] diff --git a/docs/manual/mod/quickreference.html.tr.utf8 b/docs/manual/mod/quickreference.html.tr.utf8 index 46dd5afe72..d3bc8755d1 100644 --- a/docs/manual/mod/quickreference.html.tr.utf8 +++ b/docs/manual/mod/quickreference.html.tr.utf8 @@ -535,8 +535,8 @@ heartbeat requests to this server + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] + [Allow0.9|Require1.0] diff --git a/docs/manual/mod/quickreference.html.zh-cn.utf8 b/docs/manual/mod/quickreference.html.zh-cn.utf8 index c7ecd6f787..67a2fa0bb8 100644 --- a/docs/manual/mod/quickreference.html.zh-cn.utf8 +++ b/docs/manual/mod/quickreference.html.zh-cn.utf8 @@ -532,8 +532,8 @@ heartbeat requests to this server + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] + [Allow0.9|Require1.0] diff --git a/docs/manual/ssl/ssl_howto.html.fr b/docs/manual/ssl/ssl_howto.html.fr index fd73c187fc..c12f5033e2 100644 --- a/docs/manual/ssl/ssl_howto.html.fr +++ b/docs/manual/ssl/ssl_howto.html.fr @@ -26,6 +26,8 @@

Langues Disponibles:  en  |  fr 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.

Ce document doit vous permettre de démarrer et de faire fonctionner diff --git a/docs/manual/ssl/ssl_howto.xml.fr b/docs/manual/ssl/ssl_howto.xml.fr index 393efdacac..8f42d7d1e2 100644 --- a/docs/manual/ssl/ssl_howto.xml.fr +++ b/docs/manual/ssl/ssl_howto.xml.fr @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/ssl/ssl_howto.xml.meta b/docs/manual/ssl/ssl_howto.xml.meta index b7c021fd9a..8d9a5237f4 100644 --- a/docs/manual/ssl/ssl_howto.xml.meta +++ b/docs/manual/ssl/ssl_howto.xml.meta @@ -8,6 +8,6 @@ en - fr + fr -- 2.40.0

Açıklama:Modify restrictions on HTTP Request Messages
Sözdizimi:HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] + [StrictWhitespace|UnsafeWhitespace] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0]
Öntanımlı:HttpProtocolOptions Strict StrictURL LenientWhitespace +
Öntanımlı:HttpProtocolOptions Strict StrictURL StrictWhitespace LenientMethods Allow0.9
Bağlam:sunucu geneli, sanal konak
Durum:Çekirdek
HeartbeatStorage file-path logs/hb.dat sX
Path to read heartbeat data
HostnameLookups On|Off|Double Off svdC
Aktiviert DNS-Lookups auf Client-IP-Adressen
HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] - [Allow0.9|Require1.0] Strict StrictURL Le +svC
Modify restrictions on HTTP Request Messages
Strict StrictURL St +svC
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svdE
Enables logging of the RFC 1413 identity of the remote user
IdentityCheckTimeout seconds 30 svdE
Determines the timeout duration for ident requests
HeartbeatStorage file-path logs/hb.dat sX
Path to read heartbeat data
HostnameLookups On|Off|Double Off svdC
Enables DNS lookups on client IP addresses
HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] - [Allow0.9|Require1.0] Strict StrictURL Le +svC
Modify restrictions on HTTP Request Messages
Strict StrictURL St +svC
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svdE
Enables logging of the RFC 1413 identity of the remote user
IdentityCheckTimeout seconds 30 svdE
Determines the timeout duration for ident requests
HeartbeatStorage file-path logs/hb.dat sX
Path to read heartbeat data
HostnameLookups On|Off|Double Off svdC
Enables DNS lookups on client IP addresses
HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] - [Allow0.9|Require1.0] Strict StrictURL Le +svC
Modify restrictions on HTTP Request Messages
Strict StrictURL St +svC
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svdE
Enables logging of the RFC 1413 identity of the remote user
IdentityCheckTimeout seconds 30 svdE
Determines the timeout duration for ident requests
HostnameLookups On|Off|Double Off svdC
クライアントの IP アドレスの DNS ルックアップを 有効にする
HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] - [Allow0.9|Require1.0] Strict StrictURL Le +svC
Modify restrictions on HTTP Request Messages
Strict StrictURL St +svC
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svdE
リモートユーザの RFC 1413 によるアイデンティティのロギングを 有効にする
IdentityCheckTimeout seconds 30 svdE
Ident リクエストがタイムアウトするまでの期間を決める
HeartbeatStorage file-path logs/hb.dat sX
Path to read heartbeat data
HostnameLookups On|Off|Double Off svdC
Enables DNS lookups on client IP addresses
HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] - [Allow0.9|Require1.0] Strict StrictURL Le +svC
Modify restrictions on HTTP Request Messages
Strict StrictURL St +svC
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svdE
¿ø°Ý »ç¿ëÀÚÀÇ RFC 1413 ½Å¿øÀ» ·Î±×¿¡ ±â·ÏÇÑ´Ù
IdentityCheckTimeout seconds 30 svdE
ident ¿äûÀÇ ½Ã°£Á¦ÇÑÀ» ÁöÁ¤ÇÑ´Ù
IdleShutdown seconds 0 sE
Enable shutting down the httpd when it is idle for some time.
HostnameLookups On|Off|Double Off skdÇ
İstemci IP adresleri üzerinde DNS sorgularını etkin kılar.
HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] - [Allow0.9|Require1.0] Strict StrictURL Le +skÇ
Modify restrictions on HTTP Request Messages
Strict StrictURL St +skÇ
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off skdE
Enables logging of the RFC 1413 identity of the remote user
IdentityCheckTimeout seconds 30 skdE
Determines the timeout duration for ident requests
HeartbeatStorage file-path logs/hb.dat sX
Path to read heartbeat data
HostnameLookups On|Off|Double Off svdC
Enables DNS lookups on client IP addresses
HttpProtocolOptions [Strict|Unsafe] [StrictURL|UnsafeURL] - [StrictWhitespace|LenientWhitespace] [RegisteredMethods|LenientMethods] - [Allow0.9|Require1.0] Strict StrictURL Le +svC
Modify restrictions on HTTP Request Messages
Strict StrictURL St +svC
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svdE
Enables logging of the RFC 1413 identity of the remote user
IdentityCheckTimeout seconds 30 svdE
Determines the timeout duration for ident requests