DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9289>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9289
Add a banner word blocking directive in the mod_proxy
Summary: Add a banner word blocking directive in the mod_proxy
Product: Apache httpd-1.3
Version: 1.3.24
Platform: All
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Other
Component: mod_proxy
AssignedTo: bugs@httpd.apache.org
ReportedBy: fan_xia@hotmail.com
I think Apache should have a directive to block some banner words if apache is
used as a pure proxy server. This directive is similar to the ProxyBlock
directive. This directive allows apache to grep an ad word in the URL and
block the connection if it matches the predefined word. it also doesn't do a
host lookup in the server start-up. Here is what I did to implement a
directive ProxyWordBlock :
(1) add the following to the definition of
static const command_rec proxy_cmds[]=
{
...
...
{"ProxyWordBlock", set_proxy_word_exclude, NULL, RSRC_CONF, ITERATE,
/* LINKBYTE */
"A list of names, words, hosts or domains to which the proxy will not
connect"},
{NULL}
};
where, funcion set_proxy_word_exclude is defined later.
(2) add a new data member to the structure of proxy_server_conf in the
mod_proxy.h file:
array_header *nowords;
(3) insert the following line into the function of create_proxy_config:
ps->nowords = ap_make_array(p, 10, sizeof(struct noproxy_entry));
(4) insert the following line into the function of merge_proxy_config:
ps->nowords = ap_append_arrays(p, base->nowords, overrides->nowords);
(5) create a new funciton in the mod_proxy.c file:
/* Similar to set_proxy_exclude(), but not resolve the hostname and make
* the case sensible
*/
static const char *
set_proxy_word_exclude(cmd_parms *parms, void *dummy, char *arg)
{
server_rec *s = parms->server;
proxy_server_conf *conf =
ap_get_module_config(s->module_config, &proxy_module);
struct noproxy_entry *new;
struct noproxy_entry *list = (struct noproxy_entry *) conf->nowords->elts;
int found = 0;
int i;
/* Don't duplicate entries */
for (i = 0; i < conf->nowords->nelts; i++) {
if (strcmp(arg, list[i].name) == 0)
found = 1;
}
if (!found) {
new = ap_push_array(conf->nowords);
new->name = arg;
new->addr.s_addr = 0;
}
return NULL;
}
(6)in the file of proxy_http.c, add the following line in the beginning of
function ap_proxy_http_handler:
struct noproxy_entry *nwent = (struct noproxy_entry *) conf->nowords->elts;
6)in the file of proxy_http.c, add the following line in the function
ap_proxy_http_handler after the similar proxyblock codes:
/* check if ProxyWordBlock directive on this host */
for (i = 0; i < conf->nowords->nelts; i++) {
if (nwent[i].name && nwent[i].name[0] &&
strstr(url, nwent[i].name))
return ap_proxyerror(r, HTTP_FORBIDDEN,
"Connect to remote machine blocked");
}
(7) we can do the similar thing for the proxy_ftp.c and proxy_connect.c,
however, i choose to let it alone.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9289>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9289
Add a banner word blocking directive in the mod_proxy
Summary: Add a banner word blocking directive in the mod_proxy
Product: Apache httpd-1.3
Version: 1.3.24
Platform: All
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Other
Component: mod_proxy
AssignedTo: bugs@httpd.apache.org
ReportedBy: fan_xia@hotmail.com
I think Apache should have a directive to block some banner words if apache is
used as a pure proxy server. This directive is similar to the ProxyBlock
directive. This directive allows apache to grep an ad word in the URL and
block the connection if it matches the predefined word. it also doesn't do a
host lookup in the server start-up. Here is what I did to implement a
directive ProxyWordBlock :
(1) add the following to the definition of
static const command_rec proxy_cmds[]=
{
...
...
{"ProxyWordBlock", set_proxy_word_exclude, NULL, RSRC_CONF, ITERATE,
/* LINKBYTE */
"A list of names, words, hosts or domains to which the proxy will not
connect"},
{NULL}
};
where, funcion set_proxy_word_exclude is defined later.
(2) add a new data member to the structure of proxy_server_conf in the
mod_proxy.h file:
array_header *nowords;
(3) insert the following line into the function of create_proxy_config:
ps->nowords = ap_make_array(p, 10, sizeof(struct noproxy_entry));
(4) insert the following line into the function of merge_proxy_config:
ps->nowords = ap_append_arrays(p, base->nowords, overrides->nowords);
(5) create a new funciton in the mod_proxy.c file:
/* Similar to set_proxy_exclude(), but not resolve the hostname and make
* the case sensible
*/
static const char *
set_proxy_word_exclude(cmd_parms *parms, void *dummy, char *arg)
{
server_rec *s = parms->server;
proxy_server_conf *conf =
ap_get_module_config(s->module_config, &proxy_module);
struct noproxy_entry *new;
struct noproxy_entry *list = (struct noproxy_entry *) conf->nowords->elts;
int found = 0;
int i;
/* Don't duplicate entries */
for (i = 0; i < conf->nowords->nelts; i++) {
if (strcmp(arg, list[i].name) == 0)
found = 1;
}
if (!found) {
new = ap_push_array(conf->nowords);
new->name = arg;
new->addr.s_addr = 0;
}
return NULL;
}
(6)in the file of proxy_http.c, add the following line in the beginning of
function ap_proxy_http_handler:
struct noproxy_entry *nwent = (struct noproxy_entry *) conf->nowords->elts;
6)in the file of proxy_http.c, add the following line in the function
ap_proxy_http_handler after the similar proxyblock codes:
/* check if ProxyWordBlock directive on this host */
for (i = 0; i < conf->nowords->nelts; i++) {
if (nwent[i].name && nwent[i].name[0] &&
strstr(url, nwent[i].name))
return ap_proxyerror(r, HTTP_FORBIDDEN,
"Connect to remote machine blocked");
}
(7) we can do the similar thing for the proxy_ftp.c and proxy_connect.c,
however, i choose to let it alone.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org