need mod_xml2enc
(other pages might, but I'd guess probably not).
If you simply don't load it in the server you'll simplify things.
In fact it looks as if mod_xml2enc needs updating to work
correctly with HTML 5's nonsense!
--
Nick Kew
hat the backend sets, what the browser gets, and
what happens between them.
Meanwhile, does it fix the problem if you add to the config section:
RequestHeader Unset Accept-Encoding ?
--
Nick Kew
-
To unsubscri
re already
doing what I
said, you may be doing it in a hook where the vhost doesn't actually exist as a
current server_rec identity. If so there's an even more messy way to get it
(provided
you're at least after config
filtering play nicely
with gzipped contents, particularly in a proxy situation, was one of the
main motivations behind both mod_filter and the INFLATE output filter in
mod_deflate. Revisiting the documentation I see the image downsampling
example in the mod_filter page applies the same prin
applicable to users via .htaccess.
Details can change at any time without a server restart.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
ilities added by Debian/Ubuntu. You shouldn't see them in
> apache.org documentation.
This is of course a longstanding and well-known issue.
You might enjoy an old article on the subject:
https://www.theregister.com/2006/11/04/apache_packages_support_vacuum/
--
Nick Kew
--
. Maybe the customer is messing you
around, or your system is duplicating entries offline. Unless you've
got yourself hopelessly confused and need a good night's sleep and a
day off to clear the head.
--
Nick Kew
-
To u
re mixing
and in what appears intended to be the same space. Don't.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
7;ve verified it works as expected for me.
That is to say, if the client sets Accept-Encoding, the backend receives it.
I guess you must have something in your configuration (possibly set by some
third-party application) that
ent-codings commonly understood by HTTP/1.0 clients (i.e.,
"gzip" and "compress") are preferred; [...]"
[1] https://bz.apache.org/bugzilla/show_bug.cgi?id=43454 tracks a bunch of
them. Specifically th
o you want to happen? To return compressed contents to a Client
that won't accept it, you could have the proxy set the request header.
To decompress contents on the fly, you'd use that filter from mod_deflate.
--
Nick Kew
--
eral transcription? I'm looking at the apparent
argument there!
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
g it
At a guess, the RHEL7 has a different APR version to what you built against:
probably APR 2.
Either switch the APR version within the package manager, or include APR in
what you
build yourself rather than use RH packages.
--
Nick Kew
-
advice is wrong on too many levels to enumerate).
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
choice of presentation elements.
Any usability issues there are BY DEFINITION on the client side.
Having said that, if you want to subvert mod_autoindex to satisfy
some total idiot who happens to work for Google, you'd just set
a stylesheet for mod_autoindex's display and use th
> On 24 Jun 2020, at 00:35, barry kimelman wrote:
>
>
> What have I done wrong?
You've had some good advice from others. But also check your shebang line.
--
Nick Kew
-
To unsubscribe, e-mai
hed).
If it works for you I'll think through whether it's fit to
commit as-is or whether there's a case for something more
general (and complex).
--
Nick Kew
Index: modules/filters/mod_proxy_html.c
===
--- modules/fi
workaround.
I think this merits a bugzilla entry. Do you want to submit it?
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
> FYI, by increasing LogLevel to INFO, error log shows:
Basically just shows the problem isn't your backend. My first reply was
leading to "if the debug info doesn't tell us what's wrong, I'll ask for a
on
You probably also don't want that. I think the documentation of that
is misleadingly out-of-date, but I don't want to check now (late, and
after a glass of wine).
--
Nick Kew
-
To unsubscribe, e-mail: users-unsu
_xml2enc will report what charset it
detects,
so you can check whether that's what you think it should be. Probably better to
increase it to DEBUG, which will get quite a lot more info from mod_xml2enc.
If that doesn't help you figure it out, post the mod_xml2enc messages at lev
s a hook to enable modules to insert a function.
The r and the n are arguments to the function do_something.
Best way to get a feel for it is to look at examples in the core
server and standard modules, and match the declarations to
AP_IMPLEMENT_HOOK_* and ap_hook_*.
Hooks are pretty central
s. No "mod_".
You'll also find it refuses to run without system security. On Linux that
means you
need mod_unixd, unless you're living on-the-edge with some third-party
alternative.
--
Nick Kew
-
To unsu
On Mon, 15 Apr 2019 17:21:27 +0100
Nick Kew wrote:
> Hmm. Your fix does the job for you, but shouldn't be necessary.
>
> I'm thinking, mod_proxy_html does the right thing removing itself.
> mod_xml2enc should do the same when inserted by mod_proxy_html.
> That should
e.)
Hmm. Your fix does the job for you, but shouldn't be necessary.
I'm thinking, mod_proxy_html does the right thing removing itself.
mod_xml2enc should do the same when inserted by mod_proxy_html.
That should be straightforward to fix. I'll take a look later today.
Thanks for t
s: that's entirely deliberate, and I could've
answered that question without having to investigate anything.
But 201 isn't an error, and it's probably wrong to treat it as such
in filtering.
This needs thinking through and perhaps fixing.
--
Nick Kew
gives no clue what APR version you're using!
A recent stable libapr would be 1.6.x.
> When we remove php72w-mysql package from our server the problem disappears.
Removing php is a fine solution to many problems. A second-best that might
work for you is to use it in a fastcgi configuration rather than loaded into
the server.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
handler, not a map straight to
the filesystem). If you add a breadcrumb (e.g. a Header), do you see it in a
PUT?
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
er on the internet but got
> nothing can anyone give a hint on this.
There's no specific JSON parser, unless you can find a third-party module.
But if parsing your POST data as text works, then mod_sed may do the job for
you.
--
Nick Kew
--
ion to decide what struct will best serve you.
FWIW, the situation where I find an APR array helps most often over a linked
list is in making life easier in a configuration merge function.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
equest_uri?
(apologies if this is the beer speaking: just back from an evening out).
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
al request to the legacy site.
A bit of an ugly hack (and probably not useful), but what about an
errordocument that uses SSI to include your contents?
Would you be able to share the nginx config to achieve what you're
lookin
buntu's package (as opposed to your own or a third-party), then it
looks like a ubuntu bug: they should either fix their OpenSSL package
dependency or not load SSL by default.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr
atives: get the content generator to add a custom header, or
a one-line change to mod_deflate to set a flag.
—
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
o work
> properly. However, I have that condition also in the Inflate
> FilterProvider and it seems to work there.
Yep. When you decompress the contents, it's no longer gzipped,
so the inflate filter removes the header labelling it as such.
--
Nick Kew
---
d if you’re using
Debian’s
versions you’ll need the -dev packages from apt. apr-util should then find
them,
but if it doesn’t then you’ll need a —with-expat or —with-libxml2 option.
—
Nick Kew
-
To unsubscribe, e-mai
work. Your intended proxy is a “man in the middle” attack. Clients
will
see that its certificate doesn’t match the domain they’re visiting, and rightly
refuse to make an SSL connection that’s being eavesdropped.
—
Nick Kew
-
T
but have you tried
using RequestHeader (mod_headers) to fake it?
> Something like mod_deflate or mod_substitute changing the length>
I’ve certainly encountered problems with filters invalidating headers.
And (in the distant past) fixed some of them
port* the methods in question. C.f. mod_dav, for example.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
to deal with platform issues).
Most of us install a regular toolchain from something like
fink, macports, or homebrew.
> I would like to try
> out writing a custom module.
If you want something more substantial than the developer notes
in the docs, my book aims to help you up the learning cu
s to rewrite something specific in HTML pages,
mod_proxy_html could be another option. You get a markup-aware
parser, as opposed to a simple match-and-replace in
the modules we've mentioned. Though that'll depend on what
works best with your application and your custom
re any to parse html responses
> and regex replace something with an environment variable?
mod_line_edit supports environment variables with either
string or regexp replacement.
--
Nick Kew
-
To unsubscribe,
he
> request sent by the client.
Is a RURI param a part of a header?
You can test your input in an expression, and
configure one backend in the If block and the other in
an Else(If).
--
Nick Kew
-
To unsubscribe,
pool that's managed
by the server and will be cleared at the appropriate time
(most commonly at the end of a Request). So he doesn't need
to do anything.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Tying authentication to a connection
would be a complete violation of HTTP, and prevent it working
in pretty-much any situation with a general-purpose browser.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apa
eports
$CONTENT_LENGTH bytes? Or your real application?
What does the test program say?
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
p.s. if you're updating, you might want the new 2.4.29.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
k that using ipcs.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
lue the policyref bit.
Somehow the server is seeing the whole line as a header name.
You should investigate and fix whatever sets the header.
—
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
ng a 302 redirect in response, which is not really a good
idea, but probably comes from some default you've set somewhere.
Better to send a NOT FOUND instead (that's 404 from memory).
Or just BAD REQUEST (400).
--
Nick Kew
--
On Sat, 2017-07-08 at 08:35 -0500, Blake McBride wrote:
> When, through my browser, I go to abc.com,
Probably what Eric said. But is there history to this?
As in, trying different variants on your configuration?
If you have previously had a permanent (301) redirect
from abc.com, then what you se
crypto lib. It's unlikely you need to know
any of that building httpd, but it's still a release note.
Unbundling expat from APR rids us of this kind of issue, and
perhaps more importantly the troubling issue of expat security
issues living on in APR after they are fixed in
Once you start excluding files by convention (which may be
entirely different and inappropriate on another platform),
it's a minefield.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
have some non-standard paths, including that one,
somewhere in your configuration.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
learly documented as an upgrade note!
Are you sure nothing else changed at the same time as your upgrade?
Did you build from source or install a packaged or third-party version?
--
Nick Kew
-
To unsubscribe, e-mail: users-unsu
arge is itself a request that is proxied?
I can see how that would recurse: your error document is
configured to reject the request for exactly the same reason
as the original request. But this is off the top of my head:
I haven't
cessing fails.
Can't be sure, but I suspect you've found a bug (the alternative
is a configuration error). If you can come up with a test case
to reproduce the behaviour, an entry in Bugzilla would be in order.
--
Nick Kew
-
mething PHP is doing.
Questions to consider:
Why the idiosyncratic install locations of httpd and php
in your filesystem?
What's the HTTP response?
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
e proxy. Any
> further help?
Are you saying you want an error message coming from the backend
but modified by the proxy? That would imply using a content filter
(such as mod_proxy_html, mod_sed, or mod_substitute) to rewrite
the response from the backend
oxy reply with a "too busy" error page
than not take the connection at all, right?
The proxy balancer would be a place to look: that offers various
ways to determine how much traffic to send to a backend. If that
doesn't meet your needs, there are several third-party traffic-
ty or ironbee for this kind of capability.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
;t a problem you look to solve. It's a candidate
*solution* to certain problems. Look at the problem instead of
fixating on one particular class of prospective solution.
--
Nick Kew
-
To unsubscribe, e-mail: users-uns
I got my first programming job in the 1980s,
there was still lots of ancient FORTRAN around, from before the
FORTRAN-77 standard brought block structure to that language.
We newbies were NOT encouraged to write old-style spaghetti code.
--
Nick Kew
--
dit or mod_sed), and the problem you're trying
to solve looks like exactly the one for which mod_proxy_html
is the smart (markup-aware) solution.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For add
oxy request. They are
separate backends to the server.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
New answer: enforce HTTP much more strictly to pre-empt the next
security alert based on smuggling something through.
In reply to the OP, does HTTPProtocolOptions may be what you're
looking for, though I haven't verif
g it to apache.
> [ mod_proxy_protocol.c ]
> Copyright 2014 Cloudzilla Inc.
If that's in our svn, it should probably have another line
asserting Apache copyright alongside that one. As in,
for instance, mod_proxy_html.
--
Nick Kew
---
with a self-built httpd.
Most likely fix is to upgrade APR and APR-UTIL.
Or use the ones bundled in the httpd package.
> cd httpd-2.2.31
> ./configure --prefix=/nfs/apache_120/apache --with-mpm=worker
You might want to add an explicit --with-apr (a
f something
installed and built against the wrong version.
If you installed from a package, you might want to check with
your package provider and see if they have a bug report or any
suggestions.
--
Nick Kew
-
To unsubscrib
created.
You should use apxs to build your modules. From the above,
I'm guessing you tried something different.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
implied if not present) in HTML.
If you're parsing markup, mod_proxy_html saves you having to
throw dodgy heuristics at it.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional comman
parse as a single line.
(If pages are big it would still be simpler, but a big performance hit).
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Thu, 2016-11-17 at 08:08 -0700, @lbutlr wrote:
> On Nov 17, 2016, at 3:56 AM, Nick Kew wrote:
> > On Wed, 2016-11-16 at 12:12 -0700, @lbutlr wrote:
> >> When launching apache 2.4 I get a core dump. Nothing is logged to the
> >> http-error log. I’ve tried rebui
different/slightly incompatible
pcre version?
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Tue, 2016-11-15 at 09:41 -0800, Jacob Champion wrote:
> On 11/15/2016 09:19 AM, Nick Kew wrote:
> > So IfFile joins IfDefine and the infamous[1] IfModule. What next?
> > We can't get rid of them in the lifetime of 2.4, but maybe thereafter
> > they could come togeth
[1] because it gives rise to so much confusion amongst users.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
ame with plain HTTP?
Also, mod_proxy gets very verbose if you turn loglevel
up to Debug. Worth a try if it's not one of those problems
you solved one minute after posting!
--
Nick Kew
-
To unsubscribe, e-mail: users-
ut given that the server parses the URL, you can probably
dispense with that altogether, and use configuration to
deal with whatever your parser does. If
or is not sufficient, then an clause.
Or even the archaic tool of yesteryear, mod_rewrite.
--
a forward proxy.
If you want to run both, I'd suggest keeping the reverse proxy
in a virtualhost with proxyrequests off, so you separate it from
the forward proxy. The latter must of course be appropriately
secured against being
unlikely to be what you want.
> AddInputFilter Sed html css js pl cgi text
Looks very confused: most of those are customarily
associated with GET requests and static content.
--
Nick Kew
-
To unsubscribe, e-mail: users-u
ning as root is, at the very least,
a big security concern, and I would NOT recommend the above
unless it was an alternative to something yet worse!
Rewritemap at least has the advantage of history and exposure.
--
Nick Kew
-
T
ile in the first place.
Check out proxy-sendchunked vs proxy-sendcl in the docs.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
7;ve
edited the wrong file. Anything in /etc/ comes from
your distro package or a customised install, so
you'd have to check elsewhere for whether it's right.
If you try to break it completely using envvars
(like, break LD_LIBRARY_PATH), what h
, as that could be a big
security issue. The per-request environment
serves as an alternative in such cases.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
roblems (by suppressing helpful error messages
that tell you what's wrong if you need to load a module).
When you want it is if you're packaging httpd (or a product
that includes it) for a range of different users and purposes.
--
Nick Kew
---
On Sun, 2016-05-22 at 04:05 +0100, Alessandro Re wrote:
> #!/usr/bin/sh
Is that a typo or an unusual filesystem?
Does your script run from the commandline
(as "/path/to/test.cgi", not as "sh test.cgi")?
--
Nick Kew
-
re, and start the
server with -f pointing to a trivial config that just serves
the page in response to everything.
Or set it as a FallbackResource or ErrorDocument, and
suppress your regular contents while under maintenance.
Useful if you want to continue serving some vhosts
while taking o
On Mon, 2016-05-16 at 12:14 +0300, Reko Turja wrote:
> Dear Apache experts;
>
> I have a recurring line appearing in my error log:
>
> Host: not found
Without the normal timestamp/severity/etc?
That'll be some script writing to stderr, which is
diverted into the erro
On Tue, 2016-05-03 at 10:52 -0400, Julie Kurpa wrote:
> I've been trying various combinations of the Rewrite module
Bad idea. Don't go looking for the brittle and difficult solution
until you've looked for an easy one.
In your case, ErrorDocum
ing. Some people like it.
Pick one or the other and stick to it!
Advantage of the Debian's package: apt will automate upgrades for you.
Advantage of installing Apache package: you won't find yourself the
wrong side of the documentati
On Thu, 7 Jan 2016 17:59:55 +0530
Sreenath BH wrote:
> Is there any way we can send such status code in fcgid?
Have you tried it with a trivial test script?
Maybe just set the status and reply HelloWorld?
--
Nick Kew
-
with the VMs and
substitute plain old VirtualHosts, that's a far more
efficient solution.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
comment suggests that the issue
you describe was fixed in 2.3/2.4, but not in 2.2.
You could presumably apply the patch attached to that
bug report if you don't want to upgrade?
--
Nick Kew
-
To unsubscribe, e-mail: u
DBDMin 1
> DBDKeep 2
> DBDMax 20
> DBDExptime 300
Does varying those params make any difference at all?
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache
, if the OP is most at home
in C then that's where he's (on balance) at least risk of
screwing up.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
I'm not clear if you meant that too), you will slow page
loads by killing parallelism.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
ould be a security issue if, for example, you run
something that reveals the server's environment.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
I regularly run it in single-process mode for debug.
Having said that, I'm no better placed than you to
answer the OP, as I don't know docker and don't
follow the OP's motivation here.
--
Nick Kew
-
To unsu
ght tell you all.
--
Nick Kew
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
to the backend,
when it could and should substitute its own? Or am I misreading you?
Your report is rather long and detailed to review in email on
this list. Is there anything about this in Bugzilla? If not,
you could perhaps consider submitting a report.
1 - 100 of 1246 matches
Mail list logo
