Add .opus extension for audio/ogg mimetype, per RFC 7845
RFC 7845: https://tools.ietf.org/html/rfc7845#section-9
Submitted by: Richard de Boer <richard tubul.net>
Github: closes#144
Merge of PR 318:
*) core: the conf/mime.types has been updated in conformance with RFC 9239:
- .js moved from 'application/javascript' to 'text/javascript'
- .mjs was added as 'text/javascript'
[Mathias Bynens <@mathiasbynens> via PR 318]
Add application/vnd.geogebra.slides mime type
Submitted by: Zbynek Konecny <zbynek1729 gmail.com>
Github: closes#207
Add WebAssembly MIME type and file extension
Submitted by: Dave Hodder <dmh dmh.org.uk>
Github: closes#332
Reviewed by: jorton, icing, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1911060 13f79535-47bb-0310-9956-ffa450edef68
According to comment in 'magic_rsl_add' and to the way 'magic_rsl_printf' manages its buffer, I think that this memory should be apr_pstrdup'ed.
This has been like that forever, but seems broken to me.
Untested.
* docs/conf/magic: Allow mod_mime_magic to return "audio/x-wav" for
WAV files, and omit returning "audio/unknown" for other RIFF
format files. Having a MIME type defined on a continuation line
*and* the preceding top-level match breaks mod_mime_magic, which
treats the second result "printed" as the MIME encoding. Neither
audio/x-wav nor audio/unknown are IANA registered, though Firefox
and Chrome both appear to recognize the former. Since the RIFF
format can contain non-audio media, returning audio/unknown as
a fallback for all RIFF files appears to be bogus anyway.
Submitted by: Àngel Ollé Blázquez <aollebla redhat.com>
Submitted by: jailletc36
Reviewed by: jorton, jim, icing
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1862604 13f79535-47bb-0310-9956-ffa450edef68
has been reclassified in current OpenSSL releases as WEAK due to 112
or fewer bits of remaining cipher strength, while the Sweet32 disclosure
extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
same issue, is never enabled by default in OpenSSL, due to patent concerns.)
This commit does not change default httpd behavior, but alters the suggested
behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
The same net effect occurs where OpenSSL is updated to 1.1.0.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1795359 13f79535-47bb-0310-9956-ffa450edef68
LanguagePriority by a first-order comparison and drop negligable translations
from our ordered priority preference list entirely.
A better comparison would be total number of documents in-sync, or some
convoluted weight ordering each document by which are more in sync than
others. Leaving that puzzle to an interested hacker.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1791808 13f79535-47bb-0310-9956-ffa450edef68
httpoxy workarounds, first draft patch as published for all 2.2.x+ sources
Optimization to httpoxy workaround, for 2.4.23+ only.
Submitted by: Dominic Scheirlinck <dominic vendhq.com>, ylavic
Reviewed/backported by: wrowe, jim, ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1756559 13f79535-47bb-0310-9956-ffa450edef68
Remove commented-out SSLStaplingForceURL at global scope.
Global or not, its use is specialized and those that need it won't need a sample,
and others may be confused.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1634737 13f79535-47bb-0310-9956-ffa450edef68
for TLS, RFC 5054).
Including some improvements as suggested by Kaspar
PR: 51075
Submitted by: Quinn Slack <sqs cs stanford edu>, Christophe Renou,
Peter Sylvester
Backported by: sf
Reviewed by: sf, minfrin, rjung
Backports of r1347980 and r1348653 form trunk.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1420057 13f79535-47bb-0310-9956-ffa450edef68
Revert r1371878 -- default configuration changes that drop the DNT
header from IE10.
See:
Message-ID: <CALK=YjMGPNHBqNiad-ghzcEzxDovQgYOpjpSSyXmN=r74v43qg@mail.gmail.com>
PR 53845
Keep this in, but commented out: also provide a little
more background/rationale. This, hopefully, satisfies both
ends of the debate: we don't "assume" that everyone who
uses this browser didn't make the specific choice, but
we allow for admins who care about DNT and want to either
1. Make a statement
2. Force adherence to the standard
to easily do so.
Submitted by: covener, jim
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1389261 13f79535-47bb-0310-9956-ffa450edef68
changes.
The trunk patches for these all have some configuration breakage
as 2.4.x interprets the individual directive or API parameter as
relative to ServerRoot whereas trunk interprets everything
relative to DefaultRuntimeDir.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1373168 13f79535-47bb-0310-9956-ffa450edef68
mod_lbmethod_heartbeat, mod_heartmonitor: Respect DefaultRuntimeDir/
DEFAULT_REL_RUNTIMEDIR for the heartbeat storage file.
core: Respect DefaultRuntimeDir/DEFAULT_REL_RUNTIMEDIR for the
scoreboard (ScoreBoardFile).
The Pidfile directive and ap_log_pid()/ap_remove_pid()/ap_read_pid()
now respect DefaultRuntimeDir
Mutex directive: finish support of DefaultRuntimeDir
a partial conversion was made in r1299718, but I'm not
sure when that change is effective
mod_socache_shmcb and mod_socache_dbm: finish support of
DefaultRuntimeDir
a partial conversion was made in r1299718, affecting cases
where no filename was specified
mod_slotmem_plain: make the "filename" key relative to
DefaultRuntimeDir if not absolute
mod_slotmem_plain does not externalize or check the full path
in any way, so this change is just for consistency with other
modules which build paths to run-time artifacts.
make LDAPSharedCacheFile relative to DefaultRuntimeDir
Submitted by: trawick
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1373105 13f79535-47bb-0310-9956-ffa450edef68
Adapt Timeout to be the same as DEFAULT_TIMEOUT.
After all it's localted in a file called extra/httpd-default.conf
Submitted by: igalic
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1364599 13f79535-47bb-0310-9956-ffa450edef68
Change the SSLCipherSuite default to a shorter, whitelist
oriented definition, and add an example for a speed-optimized
configuration (commented out by default).
In the SSL How-To, streamline the SSLCipherSuite examples where
applicable (explicitly banning EXP and NULL is not needed when
only HIGH is specified).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1203753 13f79535-47bb-0310-9956-ffa450edef68
fix issue with incorrect munging of the lua package path -- LuaPackagePath directives were not working
Default to not allowing htaccess in /, instead of just the documentroot, which gets a nice 10% performance boost by default for me.
* modules/ssl/ssl_private.h, modules/ssl/ssl_engine_kernel.c
(ssl_callback_tlsext_tickets): Use unsigned char * to fix gcc
-Wpointer-sign warnings.
Only load the really imporant modules (i.e. those enabled by the 'few'
selection) by default. Don't handle modules enabled with --enable-foo
specially.
This fixes problems with module dependencies until someone implements a
mechanism for resolving module dependencies.
remove last traces of the code cache
* modules/proxy/mod_proxy_html.c (comp_urlmap): Fix const-ness warning.
* modules/lua/mod_lua.c (ap_lua_ssl_is_https): New function.
(lua_post_config): Pick up ssl_is_https optional function.
* modules/lua/lua_request.c (req_ssl_is_https_field): New function.
(ap_lua_load_request): Map is_https field to above.
remove some debug logging which snuck in
remove ability to set min and max pool sizes for server scope in prep for removing server scope
remove lingering reslist references before killing server scope
replace server scope with thread scope
use a sub-pool for scope_once
Fix installation of conf/extra/proxy-html.conf.
Otherwise httpd does no longer start, because
it is the only extra file required in the main
config at the moment.
Rebuild xdoc transform
Clarify docs for LimitRequestLine, as per bug #51665.
Rebuild doc transforms.
Submitted by: brianm, pquerna, jorton, sf, brianm, jorton, jorton, sf, pquerna, brianm, brianm, brianm, brianm, brianm, jorton, rjung, rbowen, rbowen, rbowen
Reviewed/backported by: jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1200981 13f79535-47bb-0310-9956-ffa450edef68
