ASF Bugzilla – Attachment 33384 Details for
Bug 57813
Rewrite 'pre-compressed content' recipe using 2.4 metaphors
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
If statements plus supported encodings (bug 53121)
mod_deflate_patch.txt (text/plain), 2.91 KB, created by
Luca Toscano
on 2015-12-29 21:40:17 UTC
(
hide
)
Description:
If statements plus supported encodings (bug 53121)
Filename:
MIME Type:
Creator:
Luca Toscano
Created:
2015-12-29 21:40:17 UTC
Size:
2.91 KB
patch
obsolete
>Index: ../mod/mod_deflate.xml >=================================================================== >--- ../mod/mod_deflate.xml (revision 1721920) >+++ ../mod/mod_deflate.xml (working copy) >@@ -37,6 +37,20 @@ > </summary> > <seealso><a href="../filter.html">Filters</a></seealso> > >+<section id="supportedenc"><title>Supported Encodings</title> >+ <p> >+ Does the module support only gzip? The answer needs some background: >+ <a href="http://www.gzip.org/zlib/zlib_faq.html#faq38">http://www.gzip.org/zlib/zlib_faq.html#faq38</a></p> >+ >+ <note> >+ <p>What's the difference between the "gzip" and "deflate" HTTP 1.1 encodings?</p> >+ >+<p>"gzip" is the gzip format, and "deflate" is the zlib format. They should probably have called the second one "zlib" instead to avoid confusion with the raw deflate compressed data format. While the HTTP 1.1 RFC 2616 correctly points to the zlib specification in RFC 1950 for the "deflate" transfer encoding, there have been reports of servers and browsers that incorrectly produce or expect raw deflate data per the deflate specficiation in RFC 1951, most notably Microsoft. So even though the "deflate" transfer encoding using the zlib format would be the more efficient approach (and in fact exactly what the zlib format was designed for), using the "gzip" transfer encoding is probably more reliable due to an unfortunate choice of name on the part of the HTTP 1.1 authors. </p> >+ >+<p>Bottom line: use the gzip format for HTTP 1.1 encoding.</p> >+</note> >+</section> >+ > <section id="recommended"><title>Sample Configurations</title> > <note type="warning"><title>Compression and TLS</title> > <p>Some web applications are vulnerable to an information disclosure >@@ -174,7 +188,7 @@ > <example><title>Example</title> > <highlight language="config"> > Header set Vary * >- </highlight> >+ </highlight> > </example> > </section> > >@@ -191,17 +205,15 @@ > <IfModule mod_headers.c> > # Serve gzip compressed CSS files if they exist > # and the client accepts gzip. >- RewriteCond "%{HTTP:Accept-encoding}" "gzip" >- RewriteCond "%{REQUEST_FILENAME}\.gz" "-s" >- RewriteRule "^(.*)\.css" "$1\.css\.gz" [QSA] >- >+ <If "%{HTTP:Accept-encoding} =~ /gzip/ && -s '%{REQUEST_FILENAME}\.gz'"> >+ RewriteRule "^(.*)\.css" "$1\.css\.gz" [QSA] >+ </If> > # Serve gzip compressed JS files if they exist > # and the client accepts gzip. >- RewriteCond "%{HTTP:Accept-encoding}" "gzip" >- RewriteCond "%{REQUEST_FILENAME}\.gz" "-s" >- RewriteRule "^(.*)\.js" "$1\.js\.gz" [QSA] >- >- >+ <If "%{HTTP:Accept-encoding} =~ /gzip/ && -s '%{REQUEST_FILENAME}\.gz'"> >+ RewriteRule "^(.*)\.js" "$1\.js\.gz" [QSA] >+ </If> >+ > # Serve correct content types, and prevent mod_deflate double gzip. > RewriteRule "\.css\.gz$" "-" [T=text/css,E=no-gzip:1] > RewriteRule "\.js\.gz$" "-" [T=text/javascript,E=no-gzip:1]
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 57813
: 33384