Only predate the Last-Modified header for cgi responses

that are delivered with status code 404 or 503.

diff --git a/cgi.c b/cgi.c
index 32e6bec..6d305c6 100644 (file)
--- a/cgi.c
+++ b/cgi.c
@@ -1,4 +1,4 @@
-const char cgi_rcs[] = "$Id: cgi.c,v 1.74 2006/09/06 18:45:03 fabiankeil Exp $";
+const char cgi_rcs[] = "$Id: cgi.c,v 1.75 2006/09/07 11:56:39 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/cgi.c,v $
@@ -38,6 +38,12 @@ const char cgi_rcs[] = "$Id: cgi.c,v 1.74 2006/09/06 18:45:03 fabiankeil Exp $";
  *
  * Revisions   :
  *    $Log: cgi.c,v $
+ *    Revision 1.75  2006/09/07 11:56:39  fabiankeil
+ *    Mark cgi_send_user_manual as harmless,
+ *    to fix the access denied problem Hal spotted.
+ *    The manual has no secret content, therefore we
+ *    don't have to care about "secure" referrers.
+ *
  *    Revision 1.74  2006/09/06 18:45:03  fabiankeil
  *    Incorporate modified version of Roland Rosenfeld's patch to
  *    optionally access the user-manual via Privoxy. Closes patch 679075.
@@ -1805,16 +1811,16 @@ struct http_response *finish_http_response(struct http_response *rsp)
        * the current time doesn't exactly forbid caching, it just
        * requires the client to revalidate the cached copy.
        *
-       * If a temporary problem occurres and the user tries again after
+       * If a temporary problem occurs and the user tries again after
        * getting Privoxy's error message, a compliant browser may set the
        * If-Modified-Since header with the content of the error page's
        * Last-Modified header. More often than not, the document on the server
        * is older than Privoxy's error message, the server would send status code
        * 304 and the browser would display the outdated error message again and again.
        *
-       * As a last resort we set "Last-Modified" to Tim Berners-Lee's birthday,
-       * which predates the age of any page on the web and can be safely used to
-       * "revalidate" without getting a status code 304.
+       * For documents delivered with status code 404 or 503 we set "Last-Modified"
+       * to Tim Berners-Lee's birthday, which predates the age of any page on the web
+       * and can be safely used to "revalidate" without getting a status code 304.
        *
        * There is no need to let the useless If-Modified-Since header reach the
        * server, it is therefore stripped by client_if_modified_since in parsers.c.
@@ -1823,7 +1829,14 @@ struct http_response *finish_http_response(struct http_response *rsp)
 
       get_http_time(0, buf);
       if (!err) err = enlist_unique_header(rsp->headers, "Date", buf);
-      if (!err) err = enlist_unique_header(rsp->headers, "Last-Modified", "Wed, 08 Jun 1955 12:00:00 GMT");
+      if(!strncmpic(rsp->status, "404", 3) || !strncmpic(rsp->status, "503", 3))
+      {
+         if (!err) err = enlist_unique_header(rsp->headers, "Last-Modified", "Wed, 08 Jun 1955 12:00:00 GMT");
+      }
+      else
+      {
+         if (!err) err = enlist_unique_header(rsp->headers, "Last-Modified", buf);
+      }
       if (!err) err = enlist_unique_header(rsp->headers, "Expires", "Sat, 17 Jun 2000 12:00:00 GMT");
       if (!err) err = enlist_unique_header(rsp->headers, "Pragma", "no-cache");
    }