You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Cliff Woolley <jw...@wlu.edu> on 1999/07/26 09:11:13 UTC

mod_rewrite/4766: RewriteRule behaves unexpectedly when URL contains an ampersand

>Number:         4766
>Category:       mod_rewrite
>Synopsis:       RewriteRule behaves unexpectedly when URL contains an ampersand
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Mon Jul 26 00:20:03 PDT 1999
>Last-Modified:
>Originator:     jwoolley@wlu.edu
>Organization:
apache
>Release:        1.3.6
>Environment:
Slackware 4.0, Linux 2.2.9, gcc egcs-2.91.66 19990314, i686
>Description:
In a URL containing an ampersand (%26), the & is magically translated (under a
certain set of conditions) to the results of the last RewriteMap lookup, which
is wrong as far as I know.
>How-To-Repeat:
# lookup a ~username in a custom way using a rewritemap, return
# filesystem path and append to it the rest of the URL
RewriteMap   homedir          prg:/usr/local/bin/homedirlookup.pl
RewriteCond  ${homedir:$1}    (.+)
RewriteRule  ^/~([^/]+)(.*)$  %1$2

If the (.*) part of the URL (ie, the part that becomes $2) contains an
ampersand (as in /~bob/this&that.gif ), the & in $2 will be
mysteriously translated to a duplicate of the results of the last RewriteMap
(which in this case are also located in %1).  Therefore, if the results of
the map lookup had been /home/server/bob, the URL would be rewritten to
/home/server/bob/this/home/server/bobthat.gif  rather than the
/home/server/bob/this&that.gif that is expected.
>Fix:
My temporary work-around is to backslash the ampersands with a stupid set of
perl scripts that just look for ampersands and backslash them if they exist
prior to the above set of rules and un-backslash them if they still exist
after the above rules.  It's not a good solution, as it involves a lot of
overhead that shouldn't be necessary.  I'm also using the int:escape and
int:unescape RewriteMap functions for other reasons... those might provide
another workaround on their own.

I'm looking through the code for mod_rewrite to try and find possible culprits
here, but I haven't had the time to really concentrate on it yet.
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, you need]
[to include <ap...@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or      ]
["Re: general/1098:").  If the subject doesn't match this       ]
[pattern, your message will be misfiled and ignored.  The       ]
["apbugs" address is not added to the Cc line of messages from  ]
[the database automatically because of the potential for mail   ]
[loops.  If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request from a  ]
[developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]