[users@httpd] getting disk cache to respect removing key from request query string

[Anthony Biacco]

I'm using apache 2.4.23 under CentOS.
I have requests that are coming into apache that look like:

/path?key1=value&key2=value

I'm trying to remove the key1 parameter and value from the query string
(such that it would be /path?key2=value)
I managed to do this with a modified rewrite example form the apache wiki:

RewriteCond %{QUERY_STRING} (.*)(?:^|&)key1=(?:[^&]*)((?:&|$).*)
RewriteCond %1%2 (^|&)([^&].*|$)
RewriteRule ^(/path)$ $1?%2 [P]

I use [P] because /path is a webapp path that gets forwarded to tomcat with
ProxyPass. Without it, i'll get a 404, which is understandable.

My problem is, i also have a disk cache enabled on /path, so when i use the
above rewrite rule, even though the query string is rewritten correctly, in
the cache header files, i see that the original query string is in there
and used to created a cache file, i.e. creating different cache files for
different values of key1 instead of just for key2.

Is there any way i can rewrite the query string so that only the modified
query string is used to create the cache files?
The only way i found so far is to do a redirect in the rewrite rule with
[R]. I just don't want the extra overhead that goes along with that.

Thanks,

-Tony

Re: [users@httpd] Apache 2.4.12+ on Windows x64 stops responding to requests

[Paul Spangler]

On 8/8/2016 6:14 PM, Jacob Champion wrote:

On 07/25/2016 11:13 AM, Arthur Ramsey wrote:

I think I will try the following settings first, but failing that I'll
give the x86 build a try.

AcceptFilter https none


Any follow-up on this? I've been digging into the AcceptEx()
implementation, since it looks like there have been intermittent
problems with it for a while now. If you have a reproduction case, I'd
be happy to run with it.

--Jacob

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



We've also seen this in our 64-bit Apache 2.4.16 build on Windows. 
Specifically, accessing/refreshing a particular page in Chrome would 
lead to a 10-20 second hang for all clients, Firefox would maybe lead to 
a 2-5 second hang sometimes, but IE had no effect. The page had a 
mixture of static files (mainly JavaScript) and dynamic content loaded 
via Ajax. I was able to determine from the access log that the actual 
request processing took a normal amount of time, so the extra time must 
have occurred before the request start time was recorded (i.e. during 
accept/reading the request line).


Though in our case, we only needed to use

AcceptFilter http connect
AcceptFilter https connect

rather than turning it off completely using "none". Setting it to 
connect allows the server to recycle sockets.


I'll see if I can't look back into it and try to find a reproduction 
case again that I can narrow down.


--
Paul Spangler
LabVIEW R&D
National Instruments

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Is it possible to set different protocol for particular User-Agent?

[Christopher Schultz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Daniel,

On 8/3/16 4:55 AM, Daniel wrote:
> No, by the time the user agent or any actual http data gets to be
> seen the protocol/cipher and complete ssl connection has already
> been stablished.
> 
> 2016-08-02 23:26 GMT+02:00 ghost  >:
> 
> Hello there,
> 
> I was trying to show a notice page to IE6 users since my site 
> doesn't support SSLv3 anymore. And the problem is how to enable 
> SSLv3 only for IE otherwise the IE6 users won't be able to see the
> page.
> 
> I found some tricks about '' in the documentation, which 
> allows me to set different protocol and cipher suites for
> particular URL. I wonder if there is a method to set the protocol
> for particular UA?
> 
> Thanks, ghost

There *is* a way to do this.. kind of. I did it long ago when we were
thinking about changing our protocol support, etc. I no longer have
the configuration, so I'll explain what we did:

1. Configure mod_ssl for the lowest protocol/ciphers you will support
2. Use  and/or  to change the TLS protocol
requirements for truly sensitive communication
3. Use mod_rewrite to check for certain protocols / ciphers and
redirect to a "protocol support is being dropped" page
4. Set a cookie when the user ACKs the protocol support change

It's messy, but it works.

The real solution is to simply disable SSLv3 since everybody has done
it already. MSIE6 can just die.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJXqf2XAAoJEBzwKT+lPKRYfiYP/3/2pY4U3V4YFCEkpY/N7VjP
uTO7PWb8f7GvNW7X0BT0RMkq1bhdw1N8lV6xWfouMgOAjwPYoHjLMHOyDFIdJUu/
5CA77bt7k4tijXHqJE3eINY4MJZ6Z/4XC41UYeSDTJBXdVFnEW/H2kOBC8yIWaQm
vQrDp5a8TEWCQ3UMU5UiBlT2X/7qAd0GK6KUW4z+PC09u/packXspZ+cfs+O7h7I
JDK8rRflIqVL1jELVRrqbj6js8jTgONV9PN7ArEGrWdiZG7ARaXM5C+BO6LN1zqf
qlW7tBRL6OksFaBreA4plhgCQOZjyGNb+LgXB/3xWF0Qb5fx+02Fzwdc14Cf4Im7
yIMYPAhSq+Myt9i5dFl5dustsYk39Gy9ro0gRulsXhPcrqiip6ldCHahN3sn1R03
u+HRIFIMYySmr+SKkdZK+JQ7Y/Qvtyw0RCkLReidwLhKqTkf9F3gVVcmQUqYLk7g
E3UiXsioy9TMiywbE8RSKC+8E+L0OG4kv5s4EHZ11F8ja38cDqrGdXOFt1L6yk/S
T801Oh4uMfJalpfTrlDUeOINB4G27G621tfZHBpjE42vO2Hle0BV2tmp9WzPDjwz
6sFCfKmn/cDT3vCiegxlsE2XtiADRPexHdoEzWm9m8ZoQGVW65ip0RkNUFcjmf2q
KQZGC5YToFII1lj5wE49
=UN7o
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache 2.4.12+ on Windows x64 stops responding to requests

[Jacob Champion]

On 08/09/2016 07:22 AM, Paul Spangler wrote:

Though in our case, we only needed to use

AcceptFilter http connect
AcceptFilter https connect

rather than turning it off completely using "none". Setting it to
connect allows the server to recycle sockets.

I'll see if I can't look back into it and try to find a reproduction
case again that I can narrow down.


Thanks Paul!

At this point, my primary suspect is our use of recycled OVERLAPPED 
structs without reinitializing them to zero. To make matters worse, 
we're setting the OVERLAPPED's internal .Pointer field in the 
AcceptFilter 'data' case -- which we're not supposed to be doing to 
begin with [1]. We don't do that in the 'connect' filter.


This is all just theorycrafting, though. I'll try to reproduce on my end 
too.


--Jacob

[1] 
https://msdn.microsoft.com/en-us/library/windows/desktop/ms684342(v=vs.85).aspx 
(the Members > Pointer section)


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] getting disk cache to respect removing key from request query string

[Yann Ylavic]

On Tue, Aug 9, 2016 at 9:03 AM, Anthony Biacco  wrote:
>
> Is there any way i can rewrite the query string so that only the modified
> query string is used to create the cache files?

Maybe you could try to delay mod_cache processing by using:
   CacheQuickHandler off

Regards,
Yann.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] getting disk cache to respect removing key from request query string

[Eric Covener]

On Tue, Aug 9, 2016 at 3:03 AM, Anthony Biacco  wrote:
> The only way i found so far is to do a redirect in the rewrite rule with
> [R]. I just don't want the extra overhead that goes along with that.


maybe [PT] + what Yann suggested.

-- 
Eric Covener
cove...@gmail.com

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] getting disk cache to respect removing key from request query string

[Anthony Biacco]

On Tue, Aug 9, 2016 at 4:47 PM, Eric Covener  wrote:

> On Tue, Aug 9, 2016 at 3:03 AM, Anthony Biacco  wrote:
> > The only way i found so far is to do a redirect in the rewrite rule with
> > [R]. I just don't want the extra overhead that goes along with that.
>
>
> maybe [PT] + what Yann suggested.
>
>
[PT] allowed it to go through like [P], but CacheQuickHandler Off (i did
have it set to On initially) made no difference. Still separate cache files.
To make it a little simpler, i tried the parameter removal on a static file
instead of a proxied url. No difference.

-Tony


> --
> Eric Covener
> cove...@gmail.com
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>