url.access-allow is list of allowed url suffixes (e.g. file extensions)
If url.access-allow has been set, then deny any URL that does not match
the explicitly listed suffixes.
(thx japc)
x-ref:
"access_allow directive for lighttpd"
https://redmine.lighttpd.net/issues/1421
cygwin does not support ioctl on sockets, returning EOPTNOTSUPP
(would be better if cygwin used Windows ioctlsocket() instead)
Windows uses signed (socklen_t), so add some casts to quiet warnings
Windows path handling is convoluted, so disable one tests in mod_fastcgi
since trailing spaces are removed from URL for _WIN32 and __CYGWIN__ in
response.c
allow double-quotes, single-quotes or no quote on SSI param values
remove use of PCRE from mod_ssi
fix misspelling of 'unknow' to be 'unknown'
x-ref:
"mod_ssi doesn't accept single quotes"
https://redmine.lighttpd.net/issues/1768
server.error-handler preserves HTTP status error code when error page
is static, and allows dynamic handlers to change HTTP status code
when error page is provided by dynamic handler. server.error-handler
intercepts all HTTP status codes >= 400 except when the content is
generated by a dynamic handler (cgi, ssi, fastcgi, scgi, proxy, lua).
The request method is unconditionally changed to GET for the request
to service the error handler, and the original request method is
later restored (for logging purposes). request body from the
original request, if present, is discarded.
server.error-handler is somewhat similar to server.error-handler-404,
but server.error-handler-404 is now deprecated, intercepts only 404
and 403 HTTP status codes, and returns 200 OK for static error pages,
a source of confusion for some admins. On the other hand, the new
server.error-handler, when set, will intercept all HTTP status error
codes >= 400. server.error-handler takes precedence over
server.error-handler-404 when both are set.
NOTE: a major difference between server.error-handler and the
now-deprecated server.error-handler-404 is that the values of the
non-standard CGI environment variables REQUEST_URI and REDIRECT_URI
have been swapped. Since REDIRECT_STATUS is the original HTTP
status code, REDIRECT_URI is now the original request, and REQUEST_URI
is the current request (e.g. the URI/URL to the error handler).
The prior behavior -- which reversed REQUEST_URI and REDIRECT_URI values
from those described above -- is preserved for server.error-handler-404.
Additionally, REDIRECT_STATUS is now available to mod_magnet, which
continues to have access to request.uri and request.orig_uri.
See further discussion at https://redmine.lighttpd.net/issues/2702
and https://redmine.lighttpd.net/issues/1828
github: closes #36
The first condition which evaluates true in any if-else... condition
chain short-circuits the chain, and any remaining conditions in the
chain are marked false.
Previous conditions in if-else condition chaining must be evaluatable
(to true or false) -- must not remain in unset (not yet evaluatable)
state -- prior to evaluating later conditions. Since any true
condition short-circuits remaining conditions, all prev conditions
must be false prior to evaluating later conditions.
From: Glenn Strauss <gstrauss@gluelogic.com>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3081 152afb58-edef-0310-8abb-c4023f1b3aa9
Darwin's crypt does not support the '$...' extensions.
Signed-off-by: Kyle J. McKay
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3056 152afb58-edef-0310-8abb-c4023f1b3aa9
- don't generate files in src/
- move all build stuff to sconsbuild/
- have different output directories for static/ and fullstatic/,
so we can use that directory for the test suite
- each build type (dynamic, static, fullstatic) has its own check target
- read CFLAGS, LDFLAGS and LIBS from environment
(LIBS are appended after all other dependencies)
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3030 152afb58-edef-0310-8abb-c4023f1b3aa9
- condition logging is way too noisy and rarely useful
- increate timeout to wait for port bind; if the process dies we fail
early anyway
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2978 152afb58-edef-0310-8abb-c4023f1b3aa9
* next commit fixes the bug
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2897 152afb58-edef-0310-8abb-c4023f1b3aa9
See:
http://tools.ietf.org/html/draft-ietf-httpbis-p4-conditional-21#section-5
> it makes sense to ignore the If-Modified-Since when entity tags are
> understood and available for the selected representation.
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2865 152afb58-edef-0310-8abb-c4023f1b3aa9
In case the proxy instance goes wrong, the clean-up doesn't kill the
real instance. So close both instances explicitly in the clean-up
phase.
Signed-off-by: Cyril Brulebois <kibi@debian.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2857 152afb58-edef-0310-8abb-c4023f1b3aa9
The proper way to declare a function taking no parameters isn't:
foo bar();
But this instead:
foo bar(void);
Signed-off-by: Cyril Brulebois <kibi@debian.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2843 152afb58-edef-0310-8abb-c4023f1b3aa9
* This patch may "break" some configs, if they do stupid things. Like setting
ssl.pemfile to a not existing file in a "non-socket/non-ssl" block.
Fix them! :)
From: Peter Colberg <peter@colberg.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2648 152afb58-edef-0310-8abb-c4023f1b3aa9
Found as make check on ubuntu hardy hanged itself, as perl-base
dependencies were broken and didn't require /etc/protocols but it
needed the file.
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2610 152afb58-edef-0310-8abb-c4023f1b3aa9
- Lot of regressions (we forgot to reencode the result)
- Generic problem: after decode and rewrite "a?b?c": which '?' was the path?query seperator?
- Possible solution: only decode printable characters (without '?'), and encode the result; do not encode the '%' of a not decoded character.
- Still a problem with path simplifying, it seems many people use urls like this: http://server1/http%3a//server2/xxx
and rewrite the path into the querystring.
- Probably only usable with an extra config option
=> Do NOT use rewrite/redirect to protect specific urls.
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2362 152afb58-edef-0310-8abb-c4023f1b3aa9
- Not distributed yet (so only available in svn checkout)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2359 152afb58-edef-0310-8abb-c4023f1b3aa9
test procedure: increased select timeout after killing lighttpd to avoid "Address already in use".
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2100 152afb58-edef-0310-8abb-c4023f1b3aa9
do not generate a "Content-Length: 0" header for HEAD requests, added test too
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2099 152afb58-edef-0310-8abb-c4023f1b3aa9
Kyle J. McKay
