aboutsummaryrefslogtreecommitdiff
path: root/lib/Apache
diff options
context:
space:
mode:
authorroot <root@rbsd.ankarstrom.se>2021-04-29 00:02:41 +0000
committerroot <root@rbsd.ankarstrom.se>2021-04-29 00:11:29 +0000
commit96e026c1815f123e5a60ee106cb802fc841faa6c (patch)
tree5f410a9d50a757e21b104afc2d22a8a22551b60d /lib/Apache
parent6cac80b5c80e89ac46e8a8fc928aa98de183a47f (diff)
downloadApache-Inject-master.tar.gz
Fix filter-related bugHEADmaster
Apparently, an Apache filter can be invoked more than once for a single request, depending on the size of the contents [1]. Luckily, though, a filter can save state in the ctx field [1,2]. The solution isn't perfect, as it can't handle arbitrary long heads, but they're very unlikely. [1] https://httpd.apache.org/docs/2.4/developer/output-filters.html#invocation [2] https://perl.apache.org/docs/2.0/user/handlers/filters.html#Introducing_Filters
Diffstat (limited to 'lib/Apache')
-rw-r--r--lib/Apache/Inject.pm16
-rw-r--r--lib/Apache/Inject/Filter.pm32
2 files changed, 39 insertions, 9 deletions
diff --git a/lib/Apache/Inject.pm b/lib/Apache/Inject.pm
index 1d6f49b..68e003e 100644
--- a/lib/Apache/Inject.pm
+++ b/lib/Apache/Inject.pm
@@ -182,6 +182,10 @@ intelligently and forwards their combined contents.
=head1 CAVEATS
+=over
+
+=item *
+
Apache::Inject::Filter uses a regular expression to determine the
proper location of the injected header. It supports all valid HTML.
However, it does not parse embedded CSS and JavaScript, which means
@@ -204,10 +208,22 @@ This specific type of document, however, is I<incredibly> unlikely.
In this case, an ad-hoc solution is simpler, more efficient and
more maintainable than a general one.
+=item *
+
+Because of how Apache filters work, Inject may fail to find the end
+of the E<lt>headE<gt> if the E<lt>headE<gt> is very long (in my
+experience over 7000 characters). If this happens, it will decline
+the request, and the contents will be served as though Inject had
+not been enabled.
+
+=item *
+
On FreeBSD, you may need to enable the accf_http kernel module in
order for the tests to work. Note that Apache::Inject works fine
without the module; it is only the tests that require it.
+=back
+
=head1 DIAGNOSTICS
Apache::Inject and Apache::Inject::Filter log all errors and
diff --git a/lib/Apache/Inject/Filter.pm b/lib/Apache/Inject/Filter.pm
index f87cdc1..67511e2 100644
--- a/lib/Apache/Inject/Filter.pm
+++ b/lib/Apache/Inject/Filter.pm
@@ -49,15 +49,29 @@ sub handler : FilterRequestHandler {
return DECLINED;
}
- my ($buf, $content);
- $content .= $buf while $f->read($buf);
- return DECLINED if not $content =~ /$doc/;
-
- $f->print($+{head}) if $+{head};
- inject($f, "InjectHead");
- $f->print($+{body}) if $+{body};
- inject($f, "InjectFoot");
- $f->print($+{rest}) if $+{rest};
+ # First pass
+ if (not $f->ctx) {
+ my ($buf, $content);
+ $content .= $buf while $f->read($buf);
+ if (not $content =~ /$doc/) {
+ $f->r->warn('Inject: Cannot find <body> (<head> too long?)');
+ return DECLINED;
+ }
+
+ $f->print($+{head}) if $+{head};
+ inject($f, "InjectHead");
+ $f->print($+{body}) if $+{body};
+ inject($f, "InjectFoot");
+ $f->print($+{rest}) if $+{rest};
+
+ $f->ctx(1);
+ }
+
+ # Any subsequent pass
+ else {
+ my $buf;
+ $f->print($buf) while $f->read($buf);
+ }
return OK;
}