From 1d1c4833173f926183582125be9655817bca1569 Mon Sep 17 00:00:00 2001 From: Graham Leggett Date: Fri, 9 May 2008 22:40:01 +0000 Subject: [PATCH] core, mod_proxy: If a kept_body is present, it becomes safe for subrequests to support message bodies. Make sure that safety checks within the core and within the proxy are not triggered when kept_body is present. This makes it possible to embed proxied POST requests within mod_include. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@654968 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 6 ++++++ modules/proxy/mod_proxy_http.c | 9 ++++++++- server/protocol.c | 4 ++-- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 3eac0ef9e4..af0a36e33c 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,12 @@ Changes with Apache 2.3.0 [ When backported to 2.2.x, remove entry from this file ] + *) core, mod_proxy: If a kept_body is present, it becomes safe for + subrequests to support message bodies. Make sure that safety + checks within the core and within the proxy are not triggered + when kept_body is present. This makes it possible to embed + proxied POST requests within mod_include. [Graham Leggett] + *) mod_auth_form: Make sure the input filter stack is properly set up before reading the login form. Make sure the kept body filter is correctly inserted to ensure the body can be read a second diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c index cc88b61c75..c4d6d3ecb1 100644 --- a/modules/proxy/mod_proxy_http.c +++ b/modules/proxy/mod_proxy_http.c @@ -266,6 +266,10 @@ static int pass_brigade(apr_bucket_alloc_t *bucket_alloc, apr_brigade_length(bb, 0, &transferred); if (transferred != -1) conn->worker->s->transferred += transferred; +char tmp[1024000]; +apr_size_t tlen = 1024000; +apr_brigade_flatten(bb, tmp, &tlen); +printf(tmp, NULL); status = ap_pass_brigade(origin->output_filters, bb); if (status != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server, @@ -893,8 +897,11 @@ int ap_proxy_http_request(apr_pool_t *p, request_rec *r, * input_brigade and jump past all of the request body logic... * Reading anything with ap_get_brigade is likely to consume the * main request's body or read beyond EOS - which would be unplesant. + * + * An exception: when a kept_body is present, then subrequest CAN use + * pass request bodies, and we DONT skip the body. */ - if (r->main) { + if (!r->kept_body && r->main) { /* XXX: Why DON'T sub-requests use keepalives? */ p_conn->close++; if (old_cl_val) { diff --git a/server/protocol.c b/server/protocol.c index bab191b6bf..74dad061b2 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -1084,8 +1084,8 @@ AP_DECLARE(void) ap_set_sub_req_protocol(request_rec *rnew, /* did the original request have a body? (e.g. POST w/SSI tags) * if so, make sure the subrequest doesn't inherit body headers */ - if (apr_table_get(r->headers_in, "Content-Length") - || apr_table_get(r->headers_in, "Transfer-Encoding")) { + if (!r->kept_body && (apr_table_get(r->headers_in, "Content-Length") + || apr_table_get(r->headers_in, "Transfer-Encoding"))) { clone_headers_no_body(rnew, r); } else { /* no body (common case). clone headers the cheap way */ -- 2.50.1