You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2005/08/04 19:08:01 UTC
svn commit: r227435 - in /httpd/httpd/branches/2.0.x: CHANGES STATUS
modules/proxy/proxy_util.c
Author: jim
Date: Thu Aug 4 10:07:57 2005
New Revision: 227435
URL: http://svn.apache.org/viewcvs?rev=227435&view=rev
Log:
mod_proxy: Fix over-eager handling of '%' for reverse proxies. PR 29554.
Modified:
httpd/httpd/branches/2.0.x/CHANGES
httpd/httpd/branches/2.0.x/STATUS
httpd/httpd/branches/2.0.x/modules/proxy/proxy_util.c
Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?rev=227435&r1=227434&r2=227435&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.0.x/CHANGES [utf-8] Thu Aug 4 10:07:57 2005
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.0.55
+ *) mod_proxy: Fix over-eager handling of '%' for reverse proxies.
+ PR 29554. [Jim Jagielski]
+
*) mod_ldap: Fix a possible crash in shared memory cache handling.
PR 34209. [Joe Orton]
Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?rev=227435&r1=227434&r2=227435&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Thu Aug 4 10:07:57 2005
@@ -191,14 +191,6 @@
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ please append new backports at the end of this list not the top. ]
- *) ap_proxy_canonenc() is over-eager in handling '%' for reverse
- proxies (PR: 29554).
- Index: modules/proxy/proxy_util.c
- - if (isenc && ch == '%') {
- + if (isenc && (isenc != PROXYREQ_REVERSE) && ch == '%') {
-
- +1: jim, pquerna, wrowe
-
*) several changes to improve logging of connection-oriented errors, including
ap_log_cerror() API (needs minor bump in addition to changes below)
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/core.c?r1=1.289&r2=1.291
Modified: httpd/httpd/branches/2.0.x/modules/proxy/proxy_util.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/proxy/proxy_util.c?rev=227435&r1=227434&r2=227435&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/proxy/proxy_util.c (original)
+++ httpd/httpd/branches/2.0.x/modules/proxy/proxy_util.c Thu Aug 4 10:07:57 2005
@@ -161,7 +161,7 @@
continue;
}
/* decode it if not already done */
- if (isenc && ch == '%') {
+ if (isenc && (isenc != PROXYREQ_REVERSE) && (ch == '%')) {
if (!apr_isxdigit(x[i + 1]) || !apr_isxdigit(x[i + 2]))
return NULL;
ch = ap_proxy_hex2c(&x[i + 1]);
Re: svn commit: r227435 - in /httpd/httpd/branches/2.0.x: CHANGES STATUS modules/proxy/proxy_util.c
Posted by André Malo <nd...@perlig.de>.
Nobody?
* André Malo wrote:
> Anyone?
>
> * Andr__ Malo <nd...@perlig.de> wrote:
> > * jim@apache.org wrote:
> > > Author: jim
> > > Date: Thu Aug 4 10:07:57 2005
> > > New Revision: 227435
> > >
> > > URL: http://svn.apache.org/viewcvs?rev=227435&view=rev
> > > Log:
> > > mod_proxy: Fix over-eager handling of '%' for reverse proxies. PR
> > > 29554.
> >
> > Note that this patch broke certain RewriteRules out there, which proxy
> > URLs with path parameters (http://foo/bar;param?query). It might be
> > questionable if the Rules were written wrong in the first place, but
> > they are broken by the update to 2.0.55 now.
> >
> > For example, I have something like this (shortened):
> > RewriteMap e int:escape
> > RewriteRule ^/+(.*) \
> > http://backend/${e:$1}?i=${e:%{REMOTE_ADDR}}%{ENV:NEW_QUERY} [P,NE]
> >
> > If $1 contains a ';', it is escaped by the map to %3B but no longer
> > unescaped by mod_proxy.
> >
> > A possible solution would be, of course to be more careful with the
> > rule (splitting at the ;). A more general solution would be to add ; to
> > the safe T_OS_ESCAPE_PATH characters in gen_test_char.c. I'd prefer to
> > do the latter but dunno if there may be problems on non-unices.
> >
> > What do you think?
> >
> > nd
> > --
> > "Das Verhalten von Gates hatte mir bewiesen, dass ich auf ihn und seine
> > beiden Gefährten nicht zu zählen brauchte" -- Karl May, "Winnetou III"
> >
> > Im Westen was neues: <http://pub.perlig.de/books.html#apache2>
--
"Umfassendes Werk (auch fuer Umsteiger vom Apache 1.3)"
-- aus einer Rezension
<http://pub.perlig.de/books.html#apache2>
Re: svn commit: r227435 - in /httpd/httpd/branches/2.0.x: CHANGES
STATUS modules/proxy/proxy_util.c
Posted by André Malo <nd...@perlig.de>.
Anyone?
* Andr__ Malo <nd...@perlig.de> wrote:
> * jim@apache.org wrote:
>
> > Author: jim
> > Date: Thu Aug 4 10:07:57 2005
> > New Revision: 227435
> >
> > URL: http://svn.apache.org/viewcvs?rev=227435&view=rev
> > Log:
> > mod_proxy: Fix over-eager handling of '%' for reverse proxies. PR 29554.
>
> Note that this patch broke certain RewriteRules out there, which proxy URLs
> with path parameters (http://foo/bar;param?query). It might be questionable
> if the Rules were written wrong in the first place, but they are broken by
> the update to 2.0.55 now.
>
> For example, I have something like this (shortened):
> RewriteMap e int:escape
> RewriteRule ^/+(.*) \
> http://backend/${e:$1}?i=${e:%{REMOTE_ADDR}}%{ENV:NEW_QUERY} [P,NE]
>
> If $1 contains a ';', it is escaped by the map to %3B but no longer
> unescaped by mod_proxy.
>
> A possible solution would be, of course to be more careful with the rule
> (splitting at the ;). A more general solution would be to add ; to the safe
> T_OS_ESCAPE_PATH characters in gen_test_char.c. I'd prefer to do the latter
> but dunno if there may be problems on non-unices.
>
> What do you think?
>
> nd
> --
> "Das Verhalten von Gates hatte mir bewiesen, dass ich auf ihn und seine
> beiden Gefährten nicht zu zählen brauchte" -- Karl May, "Winnetou III"
>
> Im Westen was neues: <http://pub.perlig.de/books.html#apache2>
>
Re: svn commit: r227435 - in /httpd/httpd/branches/2.0.x: CHANGES STATUS modules/proxy/proxy_util.c
Posted by André Malo <nd...@perlig.de>.
* jim@apache.org wrote:
> Author: jim
> Date: Thu Aug 4 10:07:57 2005
> New Revision: 227435
>
> URL: http://svn.apache.org/viewcvs?rev=227435&view=rev
> Log:
> mod_proxy: Fix over-eager handling of '%' for reverse proxies. PR 29554.
Note that this patch broke certain RewriteRules out there, which proxy URLs
with path parameters (http://foo/bar;param?query). It might be questionable
if the Rules were written wrong in the first place, but they are broken by
the update to 2.0.55 now.
For example, I have something like this (shortened):
RewriteMap e int:escape
RewriteRule ^/+(.*) \
http://backend/${e:$1}?i=${e:%{REMOTE_ADDR}}%{ENV:NEW_QUERY} [P,NE]
If $1 contains a ';', it is escaped by the map to %3B but no longer
unescaped by mod_proxy.
A possible solution would be, of course to be more careful with the rule
(splitting at the ;). A more general solution would be to add ; to the safe
T_OS_ESCAPE_PATH characters in gen_test_char.c. I'd prefer to do the latter
but dunno if there may be problems on non-unices.
What do you think?
nd
--
"Das Verhalten von Gates hatte mir bewiesen, dass ich auf ihn und seine
beiden Gefährten nicht zu zählen brauchte" -- Karl May, "Winnetou III"
Im Westen was neues: <http://pub.perlig.de/books.html#apache2>