You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Taso Devetzis <de...@snet.net> on 1997/02/24 06:50:01 UTC

protocol/187: Redirect not allowed for some absolute URIs (see PR #146)

>Number:         187
>Category:       protocol
>Synopsis:       Redirect not allowed for some absolute URIs (see PR #146)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    gnats-admin (GNATS administrator)
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Sun Feb 23 21:50:01 1997
>Originator:     devetzis@snet.net
>Organization:
apache
>Release:        1.2b7
>Environment:
All
>Description:
Redirects to URLs with no net_loc component (like mailto:) fail at startup.

RFC 2068 says (section 14.30):

    Location       = "Location" ":" absoluteURI

Absolute URIs include mailto:, for example (as per RFC 1738).

While mailto: URLs do not refer to an object, redirecting to them is not
entirely insane.
>How-To-Repeat:
This line

    Redirect /foo/bar/ mailto:foo@bar.com

in the appropriate context will fail at runtime.
>Fix:
The following patch for 1.2b7 adds support for redirection to mailto: URLs.
A specific routine is added so as not to impact runtime performance (i.e.
is_url() is left alone).

Apply in "src" subdirectory.

--------------------------------------------------------------------------------
Common subdirectories: ../../apache_1.2b7/src/helpers and ./helpers
diff -c ../../apache_1.2b7/src/httpd.h ./httpd.h
*** ../../apache_1.2b7/src/httpd.h      Fri Feb 21 19:38:04 1997
--- ./httpd.h   Sun Feb 23 23:36:34 1997
***************
*** 644,649 ****
--- 644,650 ----
  int find_token (pool *p, const char *line, const char *tok);
       
  int is_url(const char *u);
+ int is_redirect_url(const char *u);
  extern int unescape_url(char *url);
  void no2slash(char *name);
  void getparents(char *name);
diff -c ../../apache_1.2b7/src/mod_alias.c ./mod_alias.c
*** ../../apache_1.2b7/src/mod_alias.c  Wed Jan  1 13:10:25 1997
--- ./mod_alias.c       Sun Feb 23 23:28:32 1997
***************
*** 158,164 ****
  
      if (is_HTTP_REDIRECT(status)) {
        if (!url) return "URL to redirect to is missing";
!       if (!is_url (url)) return "Redirect to non-URL";
      }
      else {
        if (url) return "Redirect URL not valid for this status";
--- 158,164 ----
  
      if (is_HTTP_REDIRECT(status)) {
        if (!url) return "URL to redirect to is missing";
!       if (!is_redirect_url (url)) return "Redirect to non-URL";
      }
      else {
        if (url) return "Redirect URL not valid for this status";
Common subdirectories: ../../apache_1.2b7/src/modules and ./modules
Common subdirectories: ../../apache_1.2b7/src/regex and ./regex
diff -c ../../apache_1.2b7/src/util.c ./util.c
*** ../../apache_1.2b7/src/util.c       Tue Feb 18 11:27:26 1997
--- ./util.c    Sun Feb 23 23:56:01 1997
***************
*** 915,920 ****
--- 915,926 ----
      else return 0;
  }
  
+ int is_redirect_url(const char *u) {
+   if (is_url (u))
+     return 1;
+   return strncasecmp (&u[0], "mailto:", 7) ? 0 : 1;
+ }
+ 
  int can_exec(const struct stat *finfo) {
  #ifdef MULTIPLE_GROUPS
    int cnt;
-------------------------------------------------------------------------------
>Audit-Trail:
>Unformatted: