lighttpd: backport more mod_cgi fixes queued for 1.4.46
authorRafał Miłecki <rafal@milecki.pl>
Thu, 29 Jun 2017 07:24:37 +0000 (09:24 +0200)
committerRafał Miłecki <rafal@milecki.pl>
Thu, 29 Jun 2017 08:23:59 +0000 (10:23 +0200)
commitf2539c5847cea6a36e3363babacd7d8f37252ec3
tree15a996e9b6167a3cf594e4efe3d808fbf3592bb6
parent46014e360fb8c721ed5b3951e42b759cdffa4ce4
lighttpd: backport more mod_cgi fixes queued for 1.4.46

The most important change is local redirects being disabled by default.
There is an option called cgi.local-redir that allows enabling this
optimization manually back if needed.

Local redirects were initially introduced in 1.4.40 but caused many
problems for *some* web services.

One of problems is breaking Post/Redirect/Get design pattern. With
redirects handled on server side there is no browser redirection making
it "lose" the POST data.

Another possible issue are HTML forms with action="". With CGI local
redirects browser may be sending form data to the wrong URL (the one
that was supposed to redirect the browser).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
net/lighttpd/Makefile
net/lighttpd/patches/0001-mod_cgi-RFC3875-CGI-local-redir-strict-adherence-210.patch [new file with mode: 0644]
net/lighttpd/patches/0001-mod_cgi-fix-CGI-local-redir-w-url.rewrite-once-fixes.patch [deleted file]
net/lighttpd/patches/0002-mod_cgi-fix-CGI-local-redir-w-url.rewrite-once-fixes.patch [new file with mode: 0644]
net/lighttpd/patches/0003-mod_cgi-status-200-OK-if-no-hdrs-deprecated-2786.patch [new file with mode: 0644]
net/lighttpd/patches/0004-mod_cgi-cgi.local-redir-enable-disable-2108-2793.patch [new file with mode: 0644]