bugzilla at apache
Jul 29, 2013, 5:43 AM
Post #3 of 6
(48 views)
Permalink
|
|
[Bug 55323] Double unescaped uri in sub request handler
[In reply to]
|
|
https://issues.apache.org/bugzilla/show_bug.cgi?id=55323
--- Comment #3 from Eric Covener <covener [at] gmail> ---
(In reply to Simon Klinkert from comment #2)
> (In reply to Eric Covener from comment #1)
> > That looks too general, your symptom is that you pass file%#12file into a
> > rewriterule (-U check?) and it needs to be encoded at that point, but the
> > patch would re-escape anyone who sent in a properly escaped URL.
>
> First of all, thanks for your feedback!
>
> How do I encode the uri at "that point"?
>
> There is no -U involved. My rewrite rule looks like this:
>
> RewriteRule ^(/.*)? %{LA-U:ENV:storage_path}$1 [L]
$1 has captured a URL-escaped string. I think you can re-escabe it with the [B]
flag, or pull the unescaped version out of %{THE_REQUEST} in a rewritecond.
> In addition, I do not really see why this should be too general. The
> function ap_sub_req_method_uri does already a re-escaping if new_uri does
> not start with '/'. Why is that bad for the other case?
Sorry, did not look to closely and not too familiar with it. Was just concerned
generally about the scope of the change.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe [at] httpd
For additional commands, e-mail: bugs-help [at] httpd
|
