You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modproxy-dev@apache.org by "William A. Rowe, Jr." <wr...@rowe-clan.net> on 2001/09/03 20:14:43 UTC
Fw: mod_proxy/8277: URI escaping in the proxy module
Something to contemplate. I don't know that it's something to act on.
Maybe by a config directive, perhaps?
----- Original Message -----
From: "Tor Jonsson" <to...@vd.volvo.se>
To: <su...@bugz.apache.org>
Sent: Friday, August 31, 2001 9:05 AM
Subject: mod_proxy/8277: URI escaping in the proxy module
>
> >Number: 8277
> >Category: mod_proxy
> >Synopsis: URI escaping in the proxy module
> >Confidential: no
> >Severity: non-critical
> >Priority: medium
> >Responsible: apache
> >State: open
> >Quarter:
> >Keywords:
> >Date-Required:
> >Class: change-request
> >Submitter-Id: apache
> >Arrival-Date: Fri Aug 31 07:10:00 PDT 2001
> >Closed-Date:
> >Last-Modified:
> >Originator: tor.jonsson@vd.volvo.se
> >Release: 1.3.20
> >Organization:
> apache
> >Environment:
> Any
> >Description:
> When setting up the Apache as a reverse proxy against a server the proxy module
> escapes the tilde ~ character in the URI. Rfc2396 states that this escaping
> is not required.
> Some applications I try to reach through the reverse proxy doesn't unescape the URI properly (Stupid applications running on IIS).
> I know this is a bug in the target server to not unescape the URI but since this
> workaround complies with the rfc I think it should be implemented.
> >How-To-Repeat:
> httpd.conf
> ServerName myreverseproxy.com
> ProxyPass / http://mytarget.com/
> ProxyPassReverse / http://mytarget.com/
>
> Original request:
> http://myreverseproxy.com/test/~blaha
> This will render in:
> http://mytarget.com/test/%7Eblaha
> >Fix:
> Add the tilde character to allowed characters in function ap_proxy_canonenc in proxy_util.c
> >Release-Note:
> >Audit-Trail:
> >Unformatted:
> [In order for any reply to be added to the PR database, you need]
> [to include <ap...@Apache.Org> in the Cc line and make sure the]
> [subject line starts with the report component and number, with ]
> [or without any 'Re:' prefixes (such as "general/1098:" or ]
> ["Re: general/1098:"). If the subject doesn't match this ]
> [pattern, your message will be misfiled and ignored. The ]
> ["apbugs" address is not added to the Cc line of messages from ]
> [the database automatically because of the potential for mail ]
> [loops. If you do not include this Cc, your reply may be ig- ]
> [nored unless you are responding to an explicit request from a ]
> [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]
>
>
>
>