diff options
author | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2011-04-04 08:46:08 +0000 |
---|---|---|
committer | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2011-04-04 08:46:08 +0000 |
commit | 038525403ebcc1d69436adad9bc1cfabb371dae1 (patch) | |
tree | 429e397cb6b10f1d05410e5b42f2630c21083281 /sca-cpp/trunk/modules/http/mod-openauth.cpp | |
parent | 37104d47a3ce5234ff708588b68e8d9cbd13131d (diff) |
Fix performance and security issues reported by pagespeed and skipfish.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1088508 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-cpp/trunk/modules/http/mod-openauth.cpp')
-rw-r--r-- | sca-cpp/trunk/modules/http/mod-openauth.cpp | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/sca-cpp/trunk/modules/http/mod-openauth.cpp b/sca-cpp/trunk/modules/http/mod-openauth.cpp index 6917c8862c..9fd6579265 100644 --- a/sca-cpp/trunk/modules/http/mod-openauth.cpp +++ b/sca-cpp/trunk/modules/http/mod-openauth.cpp @@ -285,6 +285,55 @@ static int checkAuthn(request_rec *r) { } /** + * Fixup cache control. + */ +bool filterCacheControl(const string& tok) { + return tok != "no-cache"; +} + +static apr_status_t outputFilter(ap_filter_t * f, apr_bucket_brigade * in) { + request_rec *r = f->r->main; + if (!r) + r = f->r; + for (; r != NULL; r = r->next) { + if (r->status != HTTP_OK && r->status != HTTP_NOT_MODIFIED) { + + // Don't cache errors and redirects + debug("no-cache", "modopenauth::outputFilter::nokCacheControl"); + apr_table_set(r->headers_out, "Cache-Control", "no-cache"); + continue; + } + + // Cache OK content + const char* cc = apr_table_get(r->headers_out, "Cache-Control"); + if (cc == NULL) { + debug("modopenauth::outputFilter::noCacheControl"); + continue; + } + debug(cc, "modopenauth::outputFilter::cacheControl"); + const string ncc = join(", ", filter<string>(filterCacheControl, tokenize(", ", cc))); + if (length(ncc) == 0) { + debug("modopenauth::outputFilter::noCacheControl"); + apr_table_unset(r->headers_out, "Cache-Control"); + continue; + } + + debug(ncc, "modopenauth::outputFilter::okCacheControl"); + apr_table_set(r->headers_out, "Cache-Control", c_str(ncc)); + } + + ap_remove_output_filter(f); + return ap_pass_brigade(f->next, in); +} + +/** + * Insert our cache control output filter. + */ +static void insertOutputFilter(request_rec * r) { + ap_add_output_filter("mod_openauth", NULL, r, r->connection); +} + +/** * Process the module configuration. */ int postConfigMerge(ServerConf& mainsc, server_rec* s) { @@ -349,6 +398,8 @@ void registerHooks(unused apr_pool_t *p) { ap_hook_post_config(postConfig, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_child_init(childInit, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_check_authn(checkAuthn, NULL, NULL, APR_HOOK_MIDDLE, AP_AUTH_INTERNAL_PER_CONF); + ap_register_output_filter("mod_openauth", outputFilter, NULL, AP_FTYPE_CONTENT_SET); + ap_hook_insert_filter(insertOutputFilter, NULL, NULL, APR_HOOK_LAST); } } |