* Always trust content types that we set literally

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1918814 13f79535-47bb-0310-9956-ffa450edef68 (cherry picked from commit aa4b05e)
apache · Jul 2, 2024 · ba5e247 · ba5e247
1 parent 5b978fb
commit ba5e247
Show file tree

Hide file tree

Showing 15 changed files with 22 additions and 22 deletions.
diff --git a/modules/cluster/mod_heartmonitor.c b/modules/cluster/mod_heartmonitor.c
@@ -782,7 +782,7 @@ static int hm_handler(request_rec *r)
     hmserver.seen = apr_time_now();
     hm_update_stat(ctx, &hmserver, r->pool);
 
-    ap_set_content_type(r, "text/plain");
+    ap_set_content_type_ex(r, "text/plain", 1);
     ap_set_content_length(r, 2);
     ap_rputs("OK", r);
     ap_rflush(r);

diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c
@@ -355,7 +355,7 @@ static int dav_error_response(request_rec *r, int status, const char *body)
     r->status = status;
     r->status_line = ap_get_status_line(status);
 
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     /* begin the response now... */
     ap_rvputs(r,
@@ -386,7 +386,7 @@ static int dav_error_response_tag(request_rec *r,
 {
     r->status = err->status;
 
-    ap_set_content_type(r, DAV_XML_CONTENT_TYPE);
+    ap_set_content_type_ex(r, DAV_XML_CONTENT_TYPE, 1);
 
     ap_rputs(DAV_XML_HEADER DEBUG_CR
              "<D:error xmlns:D=\"DAV:\"", r);
@@ -544,7 +544,7 @@ DAV_DECLARE(void) dav_begin_multistatus(apr_bucket_brigade *bb,
 {
     /* Set the correct status and Content-Type */
     r->status = status;
-    ap_set_content_type(r, DAV_XML_CONTENT_TYPE);
+    ap_set_content_type_ex(r, DAV_XML_CONTENT_TYPE, 1);
 
     /* Send the headers and actual multistatus response now... */
     ap_fputs(r->output_filters, bb, DAV_XML_HEADER DEBUG_CR
@@ -2016,7 +2016,7 @@ static int dav_method_options(request_rec *r)
 
     /* send the options response */
     r->status = HTTP_OK;
-    ap_set_content_type(r, DAV_XML_CONTENT_TYPE);
+    ap_set_content_type_ex(r, DAV_XML_CONTENT_TYPE, 1);
 
     /* send the headers and response body */
     ap_rputs(DAV_XML_HEADER DEBUG_CR
@@ -3328,7 +3328,7 @@ static int dav_method_lock(request_rec *r)
     (*locks_hooks->close_lockdb)(lockdb);
 
     r->status = HTTP_OK;
-    ap_set_content_type(r, DAV_XML_CONTENT_TYPE);
+    ap_set_content_type_ex(r, DAV_XML_CONTENT_TYPE, 1);
 
     ap_rputs(DAV_XML_HEADER DEBUG_CR "<D:prop xmlns:D=\"DAV:\">" DEBUG_CR, r);
     if (lock == NULL)

diff --git a/modules/examples/mod_example_hooks.c b/modules/examples/mod_example_hooks.c
@@ -993,7 +993,7 @@ static int x_handler(request_rec *r)
      * Set the Content-type header. Note that we do not actually have to send
      * the headers: this is done by the http core.
      */
-    ap_set_content_type(r, "text/html");
+    ap_set_content_type_ex(r, "text/html", 1);
     /*
      * If we're only supposed to send header information (HEAD request), we're
      * already there.

diff --git a/modules/filters/mod_data.c b/modules/filters/mod_data.c
@@ -117,7 +117,7 @@ static apr_status_t data_out_filter(ap_filter_t *f, apr_bucket_brigade *bb)
             }
         }
 
-        ap_set_content_type(r, "text/plain");
+        ap_set_content_type_ex(r, "text/plain", 1);
 
     }
 

diff --git a/modules/filters/mod_include.c b/modules/filters/mod_include.c
@@ -3972,7 +3972,7 @@ static int include_fixup(request_rec *r)
     if (r->handler && (strcmp(r->handler, "server-parsed") == 0))
     {
         if (!r->content_type || !*r->content_type) {
-            ap_set_content_type(r, "text/html");
+            ap_set_content_type_ex(r, "text/html", 1);
         }
         r->handler = "default-handler";
     }

diff --git a/modules/filters/mod_proxy_html.c b/modules/filters/mod_proxy_html.c
@@ -952,7 +952,7 @@ static apr_status_t proxy_html_filter(ap_filter_t *f, apr_bucket_brigade *bb)
                         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, f->r, APLOGNO(01422)
                                       "No i18n support found.  Install mod_xml2enc if required");
                     enc = XML_CHAR_ENCODING_NONE;
-                    ap_set_content_type(f->r, "text/html;charset=utf-8");
+                    ap_set_content_type_ex(f->r, "text/html;charset=utf-8", 1);
                 }
                 else {
                     /* if we wanted a non-default charset_out, insert the
@@ -968,7 +968,7 @@ static apr_status_t proxy_html_filter(ap_filter_t *f, apr_bucket_brigade *bb)
                                                         cenc, NULL));
                     }
                     else /* Normal case, everything worked, utf-8 output */
-                        ap_set_content_type(f->r, "text/html;charset=utf-8");
+                        ap_set_content_type_ex(f->r, "text/html;charset=utf-8", 1);
                 }
 
                 ap_fputs(f->next, ctxt->bb, ctxt->cfg->doctype);

diff --git a/modules/generators/mod_cgi.c b/modules/generators/mod_cgi.c
@@ -671,7 +671,7 @@ static apr_status_t include_cgi(include_ctx_t *ctx, ap_filter_t *f,
     /* Force sub_req to be treated as a CGI request, even if ordinary
      * typing rules would have called it something else.
      */
-    ap_set_content_type(rr, CGI_MAGIC_TYPE);
+    ap_set_content_type_ex(rr, CGI_MAGIC_TYPE, 1);
 
     /* Run it. */
     rr_status = ap_run_sub_req(rr);

diff --git a/modules/generators/mod_cgid.c b/modules/generators/mod_cgid.c
@@ -1666,7 +1666,7 @@ static apr_status_t include_cgi(include_ctx_t *ctx, ap_filter_t *f,
     /* Force sub_req to be treated as a CGI request, even if ordinary
      * typing rules would have called it something else.
      */
-    ap_set_content_type(rr, CGI_MAGIC_TYPE);
+    ap_set_content_type_ex(rr, CGI_MAGIC_TYPE, 1);
 
     /* Run it. */
     rr_status = ap_run_sub_req(rr);

diff --git a/modules/generators/mod_info.c b/modules/generators/mod_info.c
@@ -784,7 +784,7 @@ static int display_info(request_rec * r)
         return DECLINED;
     }
 
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     ap_rputs(DOCTYPE_XHTML_1_0T
              "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n"

diff --git a/modules/generators/mod_status.c b/modules/generators/mod_status.c
@@ -273,7 +273,7 @@ static int status_handler(request_rec *r)
     if (r->method_number != M_GET)
         return DECLINED;
 
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     /*
      * Simple table-driven form data set parser that lets you alter the header
@@ -301,7 +301,7 @@ static int status_handler(request_rec *r)
                     no_table_report = 1;
                     break;
                 case STAT_OPT_AUTO:
-                    ap_set_content_type(r, "text/plain; charset=ISO-8859-1");
+                    ap_set_content_type_ex(r, "text/plain; charset=ISO-8859-1", 1);
                     short_report = 1;
                     break;
                 }

diff --git a/modules/http/http_filters.c b/modules/http/http_filters.c
@@ -1261,7 +1261,7 @@ AP_DECLARE_NONSTD(int) ap_send_http_trace(request_rec *r)
         }
     }
 
-    ap_set_content_type(r, "message/http");
+    ap_set_content_type_ex(r, "message/http", 1);
 
     /* Now we recreate the request, and echo it back */
 

diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c
@@ -1443,10 +1443,10 @@ AP_DECLARE(void) ap_send_error_response(request_rec *r, int recursive_error)
             request_conf->suppress_charset = 1; /* avoid adding default
                                                  * charset later
                                                  */
-            ap_set_content_type(r, "text/html");
+            ap_set_content_type_ex(r, "text/html", 1);
         }
         else {
-            ap_set_content_type(r, "text/html; charset=iso-8859-1");
+            ap_set_content_type_ex(r, "text/html; charset=iso-8859-1", 1);
         }
 
         if ((status == HTTP_METHOD_NOT_ALLOWED)

diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c
@@ -171,7 +171,7 @@ static int util_ldap_handler(request_rec *r)
     st = (util_ldap_state_t *) ap_get_module_config(r->server->module_config,
             &ldap_module);
 
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     if (r->header_only)
         return OK;

diff --git a/modules/mappers/mod_imagemap.c b/modules/mappers/mod_imagemap.c
@@ -475,7 +475,7 @@ static int imap_reply(request_rec *r, const char *redirect)
 
 static void menu_header(request_rec *r, char *menu)
 {
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     ap_rvputs(r, DOCTYPE_HTML_3_2, "<html><head>\n<title>Menu for ",
               ap_escape_html(r->pool, r->uri),

diff --git a/modules/proxy/mod_proxy_balancer.c b/modules/proxy/mod_proxy_balancer.c
@@ -1471,7 +1471,7 @@ static void balancer_display_page(request_rec *r, proxy_server_conf *conf,
 
     if (usexml) {
         char date[APR_RFC822_DATE_LEN];
-        ap_set_content_type(r, "text/xml");
+        ap_set_content_type_ex(r, "text/xml", 1);
         ap_rputs("<?xml version='1.0' encoding='UTF-8' ?>\n", r);
         ap_rputs("<httpd:manager xmlns:httpd='http://httpd.apache.org'>\n", r);
         ap_rputs("  <httpd:balancers>\n", r);