On Tue, Sep 30, 2008 at 11:00 AM, Nick Kew <nick@xxxxxxxxxxxx> wrote: > On Tue, 30 Sep 2008 09:50:00 -0400 > "Tom Wells" <drshade@xxxxxxxxx> wrote: > > > The "early" keyword exists to help developers simulate > a request, for example when debugging a new module. > Perhaps it should've remained undocumented. Exactly - and I've used it for debugging! Maybe I should have explained my real situation which sent me down this road, I know this is a busy list so I didn't want to bore people :) I've developed a mod_python module which hooks into the authen and authz Apache handlers in order to provide a common authentication and security module in front of a set of back-end webservers. So requests come into the Apache machine, my handlers do some fancy cookie checking and updating and either allow the request to continue processing (and onto the back-end webserver via modproxy) or respond with a redirect (to get rid of a not logged in user, or a bad cookie or whatever). This means we have a single "logical" session and multiple disparate webservers in the back, which is nice. So in the "real" app I don't actually use mod_header for anything, I just used it to demonstrate the issue I was having with mod_proxy (and thus remove any 3rd party dependencies such as mod_python and my custom module from the mix). In my "real" app I set the Set-Cookie header within a mod_python structure called req.headers_out, which marshals to the Apache r->headers_out structure. Sorry to cause any confusion here. > HTTP has no provision for a proxy to set an end-to-end header > such as Set-Cookie - only how it should deal with headers set by > the backend. mod_headers isn't part of the protocol implementation; > it's a convenience for users who want to change the default behaviour. Ok I understand this - but modproxy does seem to provide this behaviour, which is great, but differs between 2.2.4 and 2.2.9 when dealing with 100-Continue responses. > But it's not a bug now, nor was it before. If you want to set > a header with predictable behaviour, don't use "early". Maybe it's not a bug, but it certainly is inconsistent - and certainly something has has changed between the versions - so I wanted to highlight this. In the meantime however we have worked around this issue by stripping the "Expect: 100-Continue" from any inbound POSTs before the request is processed by modproxy. This works OK as I assume our clients don't really care about the "HTTP/1.1 100 Continue" before sending their POST body - but we have tested this only with a C# .NET client. -- http://www.tomwells.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|