60 lines
2.1 KiB
Diff
60 lines
2.1 KiB
Diff
From 7f5666375a3351e9c37589456b6fb3c92ef987c0 Mon Sep 17 00:00:00 2001
|
|
From: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
|
|
Date: Sat, 4 Aug 2018 08:55:33 +0200
|
|
Subject: [PATCH 09/11] don't return content with 503; see #331
|
|
|
|
since it turns the HTTP 503 status code into a 200 which we don't prefer
|
|
for XHR clients; users will see Apache specific readable text
|
|
|
|
Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
|
|
(cherry picked from commit 9e98f1a042fa14d6b0892638a0d87c2b951837b6)
|
|
---
|
|
ChangeLog | 4 +++-
|
|
src/mod_auth_openidc.c | 8 ++++++++
|
|
2 files changed, 11 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/ChangeLog b/ChangeLog
|
|
index 27f45be..dfe4bd6 100644
|
|
--- a/ChangeLog
|
|
+++ b/ChangeLog
|
|
@@ -1,8 +1,10 @@
|
|
+08/04/2018
|
|
+- don't return content with 503 since it will turn the HTTP status code into a 200; see #331
|
|
|
|
08/03/2018
|
|
- add option to set an upper limit to the number of concurrent state cookies via OIDCStateMaxNumberOfCookies; see #331
|
|
- make the default maximum number of parallel state cookies 7 instead of unlimited; see #331
|
|
-- bump o 2.3.8rc1
|
|
+- bump to 2.3.8rc1
|
|
|
|
07/06/2018
|
|
- abort when string length for remote user name substitution is larger than 255 characters
|
|
diff --git a/src/mod_auth_openidc.c b/src/mod_auth_openidc.c
|
|
index c0f65c6..e3817a9 100644
|
|
--- a/src/mod_auth_openidc.c
|
|
+++ b/src/mod_auth_openidc.c
|
|
@@ -833,12 +833,20 @@ static int oidc_authorization_request_set_cookie(request_rec *r,
|
|
* XHR client handle this?
|
|
*/
|
|
|
|
+ /*
|
|
+ * it appears that sending content with a 503 turns the HTTP status code
|
|
+ * into a 200 so we'll avoid that for now: the user will see Apache specific
|
|
+ * readable text anyway
|
|
+ *
|
|
return oidc_util_html_send_error(r, c->error_template,
|
|
"Too Many Outstanding Requests",
|
|
apr_psprintf(r->pool,
|
|
"No authentication request could be generated since there are too many outstanding authentication requests already; you may have to wait up to %d seconds to be able to create a new request",
|
|
c->state_timeout),
|
|
HTTP_SERVICE_UNAVAILABLE);
|
|
+ */
|
|
+
|
|
+ return HTTP_SERVICE_UNAVAILABLE;
|
|
}
|
|
|
|
/* assemble the cookie name for the state cookie */
|
|
--
|
|
2.26.2
|
|
|