github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Worked around mod_jk issue where a 401 response was not including the WWW-Authentication header (MODSEC-16).

Browse Source
This commit is contained in:
brectanus
2008-09-15 19:51:06 +00:00
parent 67c48bfdfb
commit 3848ff5b36
3 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@@ -1,6 +1,9 @@
03 Sep 2008 - trunk 15 Sep 2008 - trunk
------------------- -------------------
* Worked around mod_jk issue where a 401 response was not including the
WWW-Authentication header.
* Fixed XML DTD/Schema validation which will now fail after request body * Fixed XML DTD/Schema validation which will now fail after request body
processing errors, even if the XML parser returns a document tree. processing errors, even if the XML parser returns a document tree.

18
apache2/apache2_io.c
View File

@@ -378,6 +378,8 @@ static apr_status_t output_filter_init(modsec_rec *msr, ap_filter_t *f,
return -1; /* Invalid. */ return -1; /* Invalid. */
} }
msr->response_content_length = len;
if (len == 0) { if (len == 0) {
if (msr->txcfg->debuglog_level >= 4) { if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Output filter: Skipping response since Content-Length is zero."); msr_log(msr, 4, "Output filter: Skipping response since Content-Length is zero.");
@@ -676,6 +678,22 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
} }
} }
msr->of_done_reading = 1;
}
/* ENH: Probably need to make the handlers for this workaround
* configurable. */
else if ( (strcmp("jakarta-servlet", msr->r->handler) == 0)
&& APR_BUCKET_IS_FLUSH(bucket)
&& (APR_BUCKET_NEXT(bucket) == APR_BRIGADE_SENTINEL(bb_in))
&& (msr->resbody_length == msr->response_content_length))
{
/* A FLUSH sent as the last bucket in the bridade may indicate
* the end of the response for certain modules if the bytes
* received match the response C-L header. In this case, the
* FLUSH bucket is interpreted as an EOS.
*/
msr_log(msr, 4, "Output filter: Interpreted FLUSH as EOS for handler \"%s\".", msr->r->handler);
msr->of_done_reading = 1; msr->of_done_reading = 1;
} }
} }

1
apache2/modsecurity.h
View File

@@ -268,6 +268,7 @@ struct modsec_rec {
const char *response_protocol; const char *response_protocol;
apr_table_t *response_headers; apr_table_t *response_headers;
unsigned int response_headers_sent; unsigned int response_headers_sent;
apr_off_t response_content_length;
apr_off_t bytes_sent; apr_off_t bytes_sent;
/* modsecurity request body processing stuff */ /* modsecurity request body processing stuff */