diff options
| -rw-r--r-- | main/SAPI.c | 12 | ||||
| -rw-r--r-- | main/main.c | 1 | ||||
| -rw-r--r-- | main/php_globals.h | 3 | ||||
| -rw-r--r-- | sapi/apache/mod_php4.c | 13 |
4 files changed, 21 insertions, 8 deletions
diff --git a/main/SAPI.c b/main/SAPI.c index 054d35dce2..ab83ca0079 100644 --- a/main/SAPI.c +++ b/main/SAPI.c @@ -306,8 +306,16 @@ SAPI_API void sapi_activate(TSRMLS_D) SG(rfc1867_uploaded_files) = NULL; if (SG(server_context)) { - if (SG(request_info).request_method - && !strcmp(SG(request_info).request_method, "POST")) { + if ( SG(request_info).request_method + && (!strcmp(SG(request_info).request_method, "POST") + || (PG(allow_webdav_methods) + && (!strcmp(SG(request_info).request_method, "PROPFIND") + || !strcmp(SG(request_info).request_method, "PROPPATCH") + || !strcmp(SG(request_info).request_method, "PUT") + || !strcmp(SG(request_info).request_method, "MOVE") + || !strcmp(SG(request_info).request_method, "POST") + || !strcmp(SG(request_info).request_method, "COPY") + || !strcmp(SG(request_info).request_method, "LOCK"))))) { if (!SG(request_info).content_type) { SG(request_info).content_type_dup = NULL; if(PG(always_populate_raw_post_data)) { diff --git a/main/main.c b/main/main.c index 311b7ba1a5..446e94786a 100644 --- a/main/main.c +++ b/main/main.c @@ -326,6 +326,7 @@ PHP_INI_BEGIN() STD_PHP_INI_BOOLEAN("allow_url_fopen", "1", PHP_INI_ALL, OnUpdateBool, allow_url_fopen, php_core_globals, core_globals) STD_PHP_INI_BOOLEAN("always_populate_raw_post_data", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, always_populate_raw_post_data, php_core_globals, core_globals) + STD_PHP_INI_BOOLEAN("allow_webdav_methods", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, allow_webdav_methods, php_core_globals, core_globals) PHP_INI_END() /* }}} */ diff --git a/main/php_globals.h b/main/php_globals.h index 10639de0a1..4f8755aa4b 100644 --- a/main/php_globals.h +++ b/main/php_globals.h @@ -139,7 +139,8 @@ struct _php_core_globals { zend_bool allow_url_fopen; zend_bool always_populate_raw_post_data; - + + zend_bool allow_webdav_methods; }; diff --git a/sapi/apache/mod_php4.c b/sapi/apache/mod_php4.c index dc0500da58..26573a6065 100644 --- a/sapi/apache/mod_php4.c +++ b/sapi/apache/mod_php4.c @@ -488,11 +488,6 @@ static int send_php(request_rec *r, int display_source_mode, char *filename) } zend_first_try { - /* We don't accept OPTIONS requests, but take everything else */ - if (r->method_number == M_OPTIONS) { - r->allowed |= (1 << METHODS) - 1; - return DECLINED; - } /* Make sure file exists */ if (filename == NULL && r->finfo.st_mode == 0) { @@ -503,6 +498,14 @@ static int send_php(request_rec *r, int display_source_mode, char *filename) if (per_dir_conf) { zend_hash_apply((HashTable *) per_dir_conf, (apply_func_t) php_apache_alter_ini_entries TSRMLS_CC); } + + /* We don't accept OPTIONS requests, but take everything else */ + if (!PG(allow_webdav_methods)) { + if (r->method_number == M_OPTIONS) { + r->allowed |= (1 << METHODS) - 1; + return DECLINED; + } + } /* If PHP parser engine has been turned off with an "engine off" * directive, then decline to handle this request |