Module: check_mk
Branch: master
Commit: cc19b9e49aa362c30be3ad63b8b2d9c888454918
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=cc19b9e49aa362…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Thu Aug 13 10:02:48 2015 +0200
Fixed setting duplicate HTTP headers
---
web/htdocs/html_mod_python.py | 13 ++++++-------
web/htdocs/index.py | 4 ++--
2 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/web/htdocs/html_mod_python.py b/web/htdocs/html_mod_python.py
index e65b7e8..c141c4c 100644
--- a/web/htdocs/html_mod_python.py
+++ b/web/htdocs/html_mod_python.py
@@ -72,6 +72,9 @@ class html_mod_python(htmllib.html):
except:
pass
+ # Finish the HTTP request short before handing over to mod_python
+ def finalize(self, is_error=False):
+ self.live = None # disconnects from livestatus
def get_request_header(self, key, deflt=None):
return self.req.headers_in.get(key, deflt)
@@ -164,14 +167,10 @@ class html_mod_python(htmllib.html):
self.set_http_header('Location', url)
raise apache.SERVER_RETURN, apache.HTTP_MOVED_TEMPORARILY
- # Needs to set both, headers_out and err_headers_out to be sure to send
- # the header on all responses
- #
- # FIXME: err_headers_out are sent out when a HTTP error occures (which states are
treated as "errors"?)
- # AND when no error occures. headers_out is sent out in case of HTTP 200 (only?).
This leads to duplicated
- # HTTP headers in regular cases. Should be avoided - clean it up!
+ # When setting err_headers_out, don't set headers_out because setting
+ # err_headers_out is also setting headers_out within mod_python. Otherwise
+ # we would send out duplicate HTTP headers which might cause bugs.
def set_http_header(self, key, val):
- self.req.headers_out.add(key, val)
self.req.err_headers_out.add(key, val)
def check_limit(self, rows, limit):
diff --git a/web/htdocs/index.py b/web/htdocs/index.py
index 20845c7..194d5ac 100644
--- a/web/htdocs/index.py
+++ b/web/htdocs/index.py
@@ -298,7 +298,7 @@ def handler(req, fields = None, profiling = True):
(apache.SERVER_RETURN, apache.HTTP_UNAUTHORIZED),
(apache.SERVER_RETURN, apache.HTTP_MOVED_TEMPORARILY)):
release_all_locks()
- html.live = None
+ html.finalize(is_error=True)
raise
except Exception, e:
@@ -315,7 +315,7 @@ def handler(req, fields = None, profiling = True):
response_code = apache.OK
release_all_locks()
- html.live = None # disconnects from livestatus
+ html.finalize()
return response_code
def page_not_found():