diff options
author | Stefan Eissing <icing@apache.org> | 2017-04-14 15:08:32 +0000 |
---|---|---|
committer | Stefan Eissing <icing@apache.org> | 2017-04-14 15:08:32 +0000 |
commit | c66d4fc74ee76fcbb6c1494ae0dbb95d5bb4179f (patch) | |
tree | 6cae8f8af236367c1e4c7c75cbb3bad73460631c /modules/http2/h2_headers.c | |
parent | 586ce2b9ea7167197074f6b5ad8d3ff85993ccfd (diff) | |
download | httpd-c66d4fc74ee76fcbb6c1494ae0dbb95d5bb4179f.tar.gz |
On the trunk:
mod_http2: only when 'HttpProtocolOptions Unsafe' is configured, will
control characters in response headers or trailers be forwarded to the
client. Otherwise, in the default configuration, a request will eiher
fail with status 500 or the stream will be reset by a RST_STREAM frame.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1791377 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/http2/h2_headers.c')
-rw-r--r-- | modules/http2/h2_headers.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/modules/http2/h2_headers.c b/modules/http2/h2_headers.c index 8add79f507..ce7eaec2b3 100644 --- a/modules/http2/h2_headers.c +++ b/modules/http2/h2_headers.c @@ -32,6 +32,12 @@ #include "h2_headers.h" +static int is_unsafe(server_rec *s) +{ + core_server_config *conf = ap_get_core_module_config(s->module_config); + return (conf->http_conformance == AP_HTTP_CONFORMANCE_UNSAFE); +} + typedef struct { apr_bucket_refcount refcount; h2_headers *headers; @@ -132,9 +138,19 @@ h2_headers *h2_headers_rcreate(request_rec *r, int status, headers->status = H2_ERR_HTTP_1_1_REQUIRED; } } + if (is_unsafe(r->server)) { + apr_table_setn(headers->notes, H2_HDR_CONFORMANCE, + H2_HDR_CONFORMANCE_UNSAFE); + } return headers; } +h2_headers *h2_headers_copy(apr_pool_t *pool, h2_headers *h) +{ + return h2_headers_create(h->status, apr_table_copy(pool, h->headers), + apr_table_copy(pool, h->notes), pool); +} + h2_headers *h2_headers_die(apr_status_t type, const h2_request *req, apr_pool_t *pool) { |