From 751d792b40b56bddfad782b545ab124f4831d712 Mon Sep 17 00:00:00 2001 From: Nick Kew Date: Tue, 2 Oct 2007 14:16:03 +0000 Subject: [PATCH] Document ProxyMaxForwards change in r581117 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@581253 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/mod/mod_proxy.xml | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/docs/manual/mod/mod_proxy.xml b/docs/manual/mod/mod_proxy.xml index aa1b1578de..9c18757368 100644 --- a/docs/manual/mod/mod_proxy.xml +++ b/docs/manual/mod/mod_proxy.xml @@ -1087,20 +1087,29 @@ connections Maximium number of proxies that a request can be forwarded through ProxyMaxForwards number -ProxyMaxForwards 10 +ProxyMaxForwards -1 server configvirtual host -Available in Apache 2.0 and later +Available in Apache 2.0 and later; + default behaviour changed in 2.2.7/2.3

The ProxyMaxForwards directive specifies the maximum number of proxies through which a request may pass, if there's no - Max-Forwards header supplied with the request. This is - set to prevent infinite proxy loops, or a DoS attack.

+ Max-Forwards header supplied with the request. This may + be set to prevent infinite proxy loops, or a DoS attack.

Example ProxyMaxForwards 15 + +

Note that setting ProxyMaxForwards is a + violation of the HTTP/1.1 protocol (RFC2616), which forbids a Proxy + setting Max-Forwards if the Client didn't set it. + Earlier Apache versions would always set it. A negative + ProxyMaxForwards value, including the + default -1, gives you protocol-compliant behaviour, but may + leave you open to loops.

 -- 2.40.0