You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Brian Slesinsky <bs...@wired.com> on 1997/09/09 02:50:05 UTC
mod_rewrite/1103: mod_rewrite can't redirect URL's containing %2F
>Number: 1103
>Category: mod_rewrite
>Synopsis: mod_rewrite can't redirect URL's containing %2F
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache (Apache HTTP Project)
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Mon Sep 8 17:50:01 1997
>Originator: bslesins@wired.com
>Organization:
apache
>Release: 1.2.0
>Environment:
Solaris and Linux
>Description:
If there is a %2F (escaped '/') anwhere within a URL and it's redirected with
mod_rewrite, Apache will return an error instead of redirecting it. This causes
problems when we try to redirect a GET form submission and one of the form
variables contains a pathname.
This is probably because mod_rewrite calls unescape_url(), which deliberately
croaks for %2F.
>How-To-Repeat:
Add this to a config file:
RewriteEngine On
RewriteRule ^/foo http://www.apache.org/ [R]
Try this URL:
http://localhost/foo%2F
>Fix:
Provide an alternative to unescape_url() that doesn't do anything special for
%2F.
%0
>Audit-Trail:
>Unformatted: