Apache HTTP Server Version 2.3
Available Languages: en
This document describes changes to the Apache HTTPD API from version 2.2 to 2.4, that may be of interest to module/application developers and core hacks. At the time of writing, the 2.4 API is not finalised, and this document may serve to highlight points that call for further review.
API changes fall into two categories: APIs that are altogether new, and existing APIs that are expanded or changed. The latter are further divided into those where all changes are back-compatible (so existing modules can ignore them), and those that might require attention by maintainers. As with the transition from HTTPD 2.0 to 2.2, existing modules and applications will require recompiling and may call for some attention, but most should not require any substantial updating (although some may be able to take advantage of API changes to offer significant improvements).
For the purpose of this document, the API is split according
to the public header files. These headers are themselves the
reference documentation, and can be used to generate a browsable
HTML reference with make docs
.
Introduces a new API to parse and evaluate boolean and algebraic expressions, including provision for a standard syntax and customised variants.
Introduces new API to enable apache child processes to serve different purposes.
ap_mpm_run
is replaced by a new mpm
hook.
Also ap_graceful_stop_signalled
is lost, and
ap_mpm_register_timed_callback
is new.
Introduces an API for modules to allocate and manage memory slots (normally) for shared memory.
API to manage a shared object cache.
common structures for heartbeat modules (should this be public API?)
When possible, registering all access control hooks (including authentication and authorization hooks) using AP_AUTH_INTERNAL_PER_CONF is recommended. If all modules' access control hooks are registered with this flag, then whenever the server handles an internal sub-request that matches the same set of access control configuration directives as the initial request (which is the common case), it can avoid invoking the access control hooks another time.
If your module requires the old behavior and must perform access control checks on every sub-request with a different URI from the initial request, even if that URI matches the same set of access control configuration directives, then use AP_AUTH_INTERNAL_PER_URI.
Introduces the new provider framework for authn and authz
This introduces low-level APIs to send arbitrary headers, and exposes functions to handle HTTP OPTIONS and TRACE.
The API for mod_request
, to make input data
available to multiple application/handler modules where required,
and to parse HTML form data.
ap_get_scoreboard_worker is gratuitously made non-back-compatible as an alternative version is introduced. Additional proxy_balancer support. Child status stuff revamped.
Introduces a new API for managing HTTP Cookies.
I have yet to get a handle on this update.
A wrapper for APR proc and global mutexes in httpd.
NEW: ap_args_to_table
NEW: ap_recent_ctime_ex
Available Languages: en