README.md
Rendering markdown...
--- httpd-2.4.66/modules/metadata/mod_setenvif.c 2026-05-05 14:45:40
+++ httpd-2.4.67/modules/metadata/mod_setenvif.c 2026-05-05 14:45:40
@@ -422,6 +422,12 @@
sei_cfg_rec *sconf;
sei_entry *new;
const char *err;
+ unsigned int flags = 0;
+
+ /* Use restricted ap_expr() parser in htaccess context. */
+ if (cmd->pool == cmd->temp_pool) {
+ flags |= AP_EXPR_FLAG_RESTRICTED;
+ }
/*
* Determine from our context into which record to put the entry.
@@ -445,7 +451,7 @@
new->regex = NULL;
new->pattern = NULL;
new->preg = NULL;
- new->expr = ap_expr_parse_cmd(cmd, expr, 0, &err, NULL);
+ new->expr = ap_expr_parse_cmd(cmd, expr, flags, &err, NULL);
if (err)
return apr_psprintf(cmd->pool, "Could not parse expression \"%s\": %s",
expr, err);