Browse code

... and patch

Hanno Böck authored on 04/12/2015 08:38:41
Showing 1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,123 @@
1
+diff --git a/include/http_core.h b/include/http_core.h
2
+index 6ca53f7..8535455 100644
3
+--- a/include/http_core.h
4
+@@ -465,6 +465,17 @@ typedef unsigned long etag_components_t;
5
+ /* This is the default value used */
6
+ #define ETAG_BACKWARD (ETAG_MTIME | ETAG_SIZE)
7
+ 
8
++/* Generic ON/OFF/UNSET for unsigned int foo :2 */
9
++#define AP_CORE_CONFIG_OFF   (0)
10
++#define AP_CORE_CONFIG_ON    (1)
11
++#define AP_CORE_CONFIG_UNSET (2)
12
++
13
++/* Generic merge of flag */
14
++#define AP_CORE_MERGE_FLAG(field, to, base, over) to->field = \
15
++               over->field != AP_CORE_CONFIG_UNSET            \
16
++               ? over->field                                  \
17
++               : base->field                                   
18
++
19
+ /**
20
+  * @brief Server Signature Enumeration
21
+  */
22
+@@ -630,6 +641,8 @@ typedef struct {
23
+      * advice
24
+      */
25
+     unsigned int cgi_pass_auth : 2;
26
++    unsigned int qualify_redirect_url :2;
27
++
28
+ } core_dir_config;
29
+ 
30
+ /* macro to implement off by default behaviour */
31
+diff --git a/server/core.c b/server/core.c
32
+index 37484b6..803d4d4 100644
33
+--- a/server/core.c
34
+@@ -191,6 +191,7 @@ static void *create_core_dir_config(apr_pool_t *a, char *dir)
35
+     conf->max_reversals = AP_MAXRANGES_UNSET;
36
+ 
37
+     conf->cgi_pass_auth = AP_CGI_PASS_AUTH_UNSET;
38
++    conf->qualify_redirect_url = AP_CORE_CONFIG_UNSET; 
39
+ 
40
+     return (void *)conf;
41
+ }
42
+@@ -405,6 +406,8 @@ static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv)
43
+ 
44
+     conf->cgi_pass_auth = new->cgi_pass_auth != AP_CGI_PASS_AUTH_UNSET ? new->cgi_pass_auth : base->cgi_pass_auth;
45
+ 
46
++    AP_CORE_MERGE_FLAG(qualify_redirect_url, conf, base, new);
47
++
48
+     return (void*)conf;
49
+ }
50
+ 
51
+@@ -1707,6 +1710,15 @@ static const char *set_cgi_pass_auth(cmd_parms *cmd, void *d_, int flag)
52
+     return NULL;
53
+ }
54
+ 
55
++static const char *set_qualify_redirect_url(cmd_parms *cmd, void *d_, int flag)
56
++{
57
++    core_dir_config *d = d_;
58
++
59
++    d->qualify_redirect_url = flag ? AP_CORE_CONFIG_ON : AP_CORE_CONFIG_OFF;
60
++
61
++    return NULL;
62
++}
63
++
64
+ static const char *set_override_list(cmd_parms *cmd, void *d_, int argc, char *const argv[])
65
+ {
66
+     core_dir_config *d = d_;
67
+@@ -4206,6 +4218,10 @@ AP_INIT_TAKE12("LimitInternalRecursion", set_recursion_limit, NULL, RSRC_CONF,
68
+ AP_INIT_FLAG("CGIPassAuth", set_cgi_pass_auth, NULL, OR_AUTHCFG,
69
+              "Controls whether HTTP authorization headers, normally hidden, will "
70
+              "be passed to scripts"),
71
++AP_INIT_FLAG("QualifyRedirectURL", set_qualify_redirect_url, NULL, OR_FILEINFO,
72
++             "Controls whether HTTP authorization headers, normally hidden, will "
73
++             "be passed to scripts"),
74
++
75
+ AP_INIT_TAKE1("ForceType", ap_set_string_slot_lower,
76
+        (void *)APR_OFFSETOF(core_dir_config, mime_type), OR_FILEINFO,
77
+      "a mime type that overrides other configured type"),
78
+diff --git a/server/util_script.c b/server/util_script.c
79
+index 14991cd..7ac7930 100644
80
+--- a/server/util_script.c
81
+@@ -282,21 +282,26 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
82
+     /* Apache custom error responses. If we have redirected set two new vars */
83
+ 
84
+     if (r->prev) {
85
+-        /* PR#57785: reconstruct full URL here */
86
+-        apr_uri_t *uri = &r->prev->parsed_uri;
87
+-        if (!uri->scheme) {
88
+-            uri->scheme = (char*)ap_http_scheme(r->prev);
89
+-        }
90
+-        if (!uri->port) {
91
+-            uri->port = ap_get_server_port(r->prev);
92
+-            uri->port_str = apr_psprintf(r->pool, "%u", uri->port);
93
+-        }
94
+-        if (!uri->hostname) {
95
+-            uri->hostname = (char*)ap_get_server_name_for_url(r->prev);
96
++        if (conf->qualify_redirect_url != AP_CORE_CONFIG_ON) { 
97
++            add_unless_null(e, "REDIRECT_URL", r->prev->uri);
98
++        }
99
++        else { 
100
++            /* PR#57785: reconstruct full URL here */
101
++            apr_uri_t *uri = &r->prev->parsed_uri;
102
++            if (!uri->scheme) {
103
++                uri->scheme = (char*)ap_http_scheme(r->prev);
104
++            }
105
++            if (!uri->port) {
106
++                uri->port = ap_get_server_port(r->prev);
107
++                uri->port_str = apr_psprintf(r->pool, "%u", uri->port);
108
++            }
109
++            if (!uri->hostname) {
110
++                uri->hostname = (char*)ap_get_server_name_for_url(r->prev);
111
++            }
112
++            add_unless_null(e, "REDIRECT_URL",
113
++                            apr_uri_unparse(r->pool, uri, 0));
114
+         }
115
+         add_unless_null(e, "REDIRECT_QUERY_STRING", r->prev->args);
116
+-        add_unless_null(e, "REDIRECT_URL",
117
+-                        apr_uri_unparse(r->pool, uri, 0));
118
+     }
119
+ 
120
+     if (e != r->subprocess_env) {