You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2023/03/19 21:29:59 UTC
svn commit: r1908536 - in /httpd/httpd/branches/2.4.x: ./ changes-entries/ modules/http2/ modules/proxy/
Author: covener
Date: Sun Mar 19 21:29:58 2023
New Revision: 1908536
URL: http://svn.apache.org/viewvc?rev=1908536&view=rev
Log:
Merge r1908302 from trunk:
move B=xx example to the bottom
show example with quoted flags and a space
Reviewed By: ylavic, rpluem, covener
Added:
httpd/httpd/branches/2.4.x/changes-entries/mapping_encode.txt
- copied unchanged from r1907977, httpd/httpd/trunk/changes-entries/mapping_encode.txt
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1907972,1907976-1907977,1908257
Modified: httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c?rev=1908536&r1=1908535&r2=1908536&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c (original)
+++ httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c Sun Mar 19 21:29:58 2023
@@ -154,20 +154,24 @@ static int proxy_http2_canon(request_rec
if (apr_table_get(r->notes, "proxy-nocanon")) {
path = url; /* this is the raw path */
}
+ else if (apr_table_get(r->notes, "proxy-noencode")) {
+ path = url; /* this is the encoded path already */
+ search = r->args;
+ }
else {
path = ap_proxy_canonenc(r->pool, url, (int)strlen(url),
enc_path, 0, r->proxyreq);
search = r->args;
- if (search && *(ap_scan_vchar_obstext(search))) {
- /*
- * We have a raw control character or a ' ' in r->args.
- * Correct encoding was missed.
- */
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10412)
- "To be forwarded query string contains control "
- "characters or spaces");
- return HTTP_FORBIDDEN;
- }
+ }
+ if (search && *ap_scan_vchar_obstext(search)) {
+ /*
+ * We have a raw control character or a ' ' in r->args.
+ * Correct encoding was missed.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10412)
+ "To be forwarded query string contains control "
+ "characters or spaces");
+ return HTTP_FORBIDDEN;
}
break;
case PROXYREQ_PROXY:
Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c?rev=1908536&r1=1908535&r2=1908536&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c Sun Mar 19 21:29:58 2023
@@ -963,6 +963,8 @@ PROXY_DECLARE(int) ap_proxy_trans_match(
}
if (found) {
+ unsigned int encoded = ent->flags & PROXYPASS_MAP_ENCODED;
+
/* A proxy module is assigned this URL, check whether it's interested
* in the request itself (e.g. proxy_wstunnel cares about Upgrade
* requests only, and could hand over to proxy_http otherwise).
@@ -982,6 +984,9 @@ PROXY_DECLARE(int) ap_proxy_trans_match(
if (ent->flags & PROXYPASS_NOQUERY) {
apr_table_setn(r->notes, "proxy-noquery", "1");
}
+ if (encoded) {
+ apr_table_setn(r->notes, "proxy-noencode", "1");
+ }
if (servlet_uri) {
ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(10248)
@@ -995,13 +1000,13 @@ PROXY_DECLARE(int) ap_proxy_trans_match(
*/
AP_DEBUG_ASSERT(strlen(r->uri) >= strlen(servlet_uri));
strcpy(r->uri, servlet_uri);
- return DONE;
}
-
- ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(03464)
- "URI path '%s' matches proxy handler '%s'", r->uri,
- found);
- return OK;
+ else {
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(03464)
+ "URI path '%s' matches proxy handler '%s'", r->uri,
+ found);
+ }
+ return (encoded) ? DONE : OK;
}
return HTTP_CONTINUE;
Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c?rev=1908536&r1=1908535&r2=1908536&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c Sun Mar 19 21:29:58 2023
@@ -65,20 +65,24 @@ static int proxy_ajp_canon(request_rec *
if (apr_table_get(r->notes, "proxy-nocanon")) {
path = url; /* this is the raw path */
}
+ else if (apr_table_get(r->notes, "proxy-noencode")) {
+ path = url; /* this is the encoded path already */
+ search = r->args;
+ }
else {
path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
r->proxyreq);
search = r->args;
- if (search && *(ap_scan_vchar_obstext(search))) {
- /*
- * We have a raw control character or a ' ' in r->args.
- * Correct encoding was missed.
- */
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10406)
- "To be forwarded query string contains control "
- "characters or spaces");
- return HTTP_FORBIDDEN;
- }
+ }
+ if (search && *ap_scan_vchar_obstext(search)) {
+ /*
+ * We have a raw control character or a ' ' in r->args.
+ * Correct encoding was missed.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10406)
+ "To be forwarded query string contains control "
+ "characters or spaces");
+ return HTTP_FORBIDDEN;
}
if (path == NULL)
return HTTP_BAD_REQUEST;
Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c?rev=1908536&r1=1908535&r2=1908536&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c Sun Mar 19 21:29:58 2023
@@ -102,20 +102,24 @@ static int proxy_balancer_canon(request_
if (apr_table_get(r->notes, "proxy-nocanon")) {
path = url; /* this is the raw path */
}
+ else if (apr_table_get(r->notes, "proxy-noencode")) {
+ path = url; /* this is the encoded path already */
+ search = r->args;
+ }
else {
path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
r->proxyreq);
search = r->args;
- if (search && *(ap_scan_vchar_obstext(search))) {
- /*
- * We have a raw control character or a ' ' in r->args.
- * Correct encoding was missed.
- */
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10407)
- "To be forwarded query string contains control "
- "characters or spaces");
- return HTTP_FORBIDDEN;
- }
+ }
+ if (search && *ap_scan_vchar_obstext(search)) {
+ /*
+ * We have a raw control character or a ' ' in r->args.
+ * Correct encoding was missed.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10407)
+ "To be forwarded query string contains control "
+ "characters or spaces");
+ return HTTP_FORBIDDEN;
}
if (path == NULL)
return HTTP_BAD_REQUEST;
Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c?rev=1908536&r1=1908535&r2=1908536&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c Sun Mar 19 21:29:58 2023
@@ -92,8 +92,9 @@ static int proxy_fcgi_canon(request_rec
host = apr_pstrcat(r->pool, "[", host, "]", NULL);
}
- if (apr_table_get(r->notes, "proxy-nocanon")) {
- path = url; /* this is the raw path */
+ if (apr_table_get(r->notes, "proxy-nocanon")
+ || apr_table_get(r->notes, "proxy-noencode")) {
+ path = url; /* this is the raw/encoded path */
}
else {
path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c?rev=1908536&r1=1908535&r2=1908536&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c Sun Mar 19 21:29:58 2023
@@ -121,20 +121,24 @@ static int proxy_http_canon(request_rec
if (apr_table_get(r->notes, "proxy-nocanon")) {
path = url; /* this is the raw path */
}
+ else if (apr_table_get(r->notes, "proxy-noencode")) {
+ path = url; /* this is the encoded path already */
+ search = r->args;
+ }
else {
path = ap_proxy_canonenc(r->pool, url, strlen(url),
enc_path, 0, r->proxyreq);
search = r->args;
- if (search && *(ap_scan_vchar_obstext(search))) {
- /*
- * We have a raw control character or a ' ' in r->args.
- * Correct encoding was missed.
- */
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10408)
- "To be forwarded query string contains control "
- "characters or spaces");
- return HTTP_FORBIDDEN;
- }
+ }
+ if (search && *ap_scan_vchar_obstext(search)) {
+ /*
+ * We have a raw control character or a ' ' in r->args.
+ * Correct encoding was missed.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10408)
+ "To be forwarded query string contains control "
+ "characters or spaces");
+ return HTTP_FORBIDDEN;
}
break;
case PROXYREQ_PROXY:
Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c?rev=1908536&r1=1908535&r2=1908536&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c Sun Mar 19 21:29:58 2023
@@ -84,8 +84,14 @@ static int uwsgi_canon(request_rec *r, c
host = apr_pstrcat(r->pool, "[", host, "]", NULL);
}
- path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
- r->proxyreq);
+ if (apr_table_get(r->notes, "proxy-nocanon")
+ || apr_table_get(r->notes, "proxy-noencode")) {
+ path = url; /* this is the raw/encoded path */
+ }
+ else {
+ path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
+ r->proxyreq);
+ }
if (!path) {
return HTTP_BAD_REQUEST;
}
Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c?rev=1908536&r1=1908535&r2=1908536&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c Sun Mar 19 21:29:58 2023
@@ -110,20 +110,24 @@ static int proxy_wstunnel_canon(request_
if (apr_table_get(r->notes, "proxy-nocanon")) {
path = url; /* this is the raw path */
}
+ else if (apr_table_get(r->notes, "proxy-noencode")) {
+ path = url; /* this is the encoded path already */
+ search = r->args;
+ }
else {
path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
r->proxyreq);
search = r->args;
- if (search && *(ap_scan_vchar_obstext(search))) {
- /*
- * We have a raw control character or a ' ' in r->args.
- * Correct encoding was missed.
- */
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10409)
- "To be forwarded query string contains control "
- "characters or spaces");
- return HTTP_FORBIDDEN;
- }
+ }
+ if (search && *ap_scan_vchar_obstext(search)) {
+ /*
+ * We have a raw control character or a ' ' in r->args.
+ * Correct encoding was missed.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10409)
+ "To be forwarded query string contains control "
+ "characters or spaces");
+ return HTTP_FORBIDDEN;
}
if (path == NULL)
return HTTP_BAD_REQUEST;
Re: svn commit: r1908536 - in /httpd/httpd/branches/2.4.x: ./ changes-entries/ modules/http2/ modules/proxy/
Posted by Eric Covener <co...@gmail.com>.
stale "clog"
On Sun, Mar 19, 2023 at 5:30 PM <co...@apache.org> wrote:
>
> Author: covener
> Date: Sun Mar 19 21:29:58 2023
> New Revision: 1908536
>
> URL: http://svn.apache.org/viewvc?rev=1908536&view=rev
> Log:
> Merge r1908302 from trunk:
>
> move B=xx example to the bottom
>
> show example with quoted flags and a space
>
>
> Reviewed By: ylavic, rpluem, covener
>
> Added:
> httpd/httpd/branches/2.4.x/changes-entries/mapping_encode.txt
> - copied unchanged from r1907977, httpd/httpd/trunk/changes-entries/mapping_encode.txt
> Modified:
> httpd/httpd/branches/2.4.x/ (props changed)
> httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c
> httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c
> httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c
> httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c
> httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c
> httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c
> httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c
> httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c
>
> Propchange: httpd/httpd/branches/2.4.x/
> ------------------------------------------------------------------------------
> Merged /httpd/httpd/trunk:r1907972,1907976-1907977,1908257
>
> Modified: httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c?rev=1908536&r1=1908535&r2=1908536&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c (original)
> +++ httpd/httpd/branches/2.4.x/modules/http2/mod_proxy_http2.c Sun Mar 19 21:29:58 2023
> @@ -154,20 +154,24 @@ static int proxy_http2_canon(request_rec
> if (apr_table_get(r->notes, "proxy-nocanon")) {
> path = url; /* this is the raw path */
> }
> + else if (apr_table_get(r->notes, "proxy-noencode")) {
> + path = url; /* this is the encoded path already */
> + search = r->args;
> + }
> else {
> path = ap_proxy_canonenc(r->pool, url, (int)strlen(url),
> enc_path, 0, r->proxyreq);
> search = r->args;
> - if (search && *(ap_scan_vchar_obstext(search))) {
> - /*
> - * We have a raw control character or a ' ' in r->args.
> - * Correct encoding was missed.
> - */
> - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10412)
> - "To be forwarded query string contains control "
> - "characters or spaces");
> - return HTTP_FORBIDDEN;
> - }
> + }
> + if (search && *ap_scan_vchar_obstext(search)) {
> + /*
> + * We have a raw control character or a ' ' in r->args.
> + * Correct encoding was missed.
> + */
> + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10412)
> + "To be forwarded query string contains control "
> + "characters or spaces");
> + return HTTP_FORBIDDEN;
> }
> break;
> case PROXYREQ_PROXY:
>
> Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c?rev=1908536&r1=1908535&r2=1908536&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c (original)
> +++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy.c Sun Mar 19 21:29:58 2023
> @@ -963,6 +963,8 @@ PROXY_DECLARE(int) ap_proxy_trans_match(
> }
>
> if (found) {
> + unsigned int encoded = ent->flags & PROXYPASS_MAP_ENCODED;
> +
> /* A proxy module is assigned this URL, check whether it's interested
> * in the request itself (e.g. proxy_wstunnel cares about Upgrade
> * requests only, and could hand over to proxy_http otherwise).
> @@ -982,6 +984,9 @@ PROXY_DECLARE(int) ap_proxy_trans_match(
> if (ent->flags & PROXYPASS_NOQUERY) {
> apr_table_setn(r->notes, "proxy-noquery", "1");
> }
> + if (encoded) {
> + apr_table_setn(r->notes, "proxy-noencode", "1");
> + }
>
> if (servlet_uri) {
> ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(10248)
> @@ -995,13 +1000,13 @@ PROXY_DECLARE(int) ap_proxy_trans_match(
> */
> AP_DEBUG_ASSERT(strlen(r->uri) >= strlen(servlet_uri));
> strcpy(r->uri, servlet_uri);
> - return DONE;
> }
> -
> - ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(03464)
> - "URI path '%s' matches proxy handler '%s'", r->uri,
> - found);
> - return OK;
> + else {
> + ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, APLOGNO(03464)
> + "URI path '%s' matches proxy handler '%s'", r->uri,
> + found);
> + }
> + return (encoded) ? DONE : OK;
> }
>
> return HTTP_CONTINUE;
>
> Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c?rev=1908536&r1=1908535&r2=1908536&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c (original)
> +++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c Sun Mar 19 21:29:58 2023
> @@ -65,20 +65,24 @@ static int proxy_ajp_canon(request_rec *
> if (apr_table_get(r->notes, "proxy-nocanon")) {
> path = url; /* this is the raw path */
> }
> + else if (apr_table_get(r->notes, "proxy-noencode")) {
> + path = url; /* this is the encoded path already */
> + search = r->args;
> + }
> else {
> path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
> r->proxyreq);
> search = r->args;
> - if (search && *(ap_scan_vchar_obstext(search))) {
> - /*
> - * We have a raw control character or a ' ' in r->args.
> - * Correct encoding was missed.
> - */
> - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10406)
> - "To be forwarded query string contains control "
> - "characters or spaces");
> - return HTTP_FORBIDDEN;
> - }
> + }
> + if (search && *ap_scan_vchar_obstext(search)) {
> + /*
> + * We have a raw control character or a ' ' in r->args.
> + * Correct encoding was missed.
> + */
> + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10406)
> + "To be forwarded query string contains control "
> + "characters or spaces");
> + return HTTP_FORBIDDEN;
> }
> if (path == NULL)
> return HTTP_BAD_REQUEST;
>
> Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c?rev=1908536&r1=1908535&r2=1908536&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c (original)
> +++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_balancer.c Sun Mar 19 21:29:58 2023
> @@ -102,20 +102,24 @@ static int proxy_balancer_canon(request_
> if (apr_table_get(r->notes, "proxy-nocanon")) {
> path = url; /* this is the raw path */
> }
> + else if (apr_table_get(r->notes, "proxy-noencode")) {
> + path = url; /* this is the encoded path already */
> + search = r->args;
> + }
> else {
> path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
> r->proxyreq);
> search = r->args;
> - if (search && *(ap_scan_vchar_obstext(search))) {
> - /*
> - * We have a raw control character or a ' ' in r->args.
> - * Correct encoding was missed.
> - */
> - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10407)
> - "To be forwarded query string contains control "
> - "characters or spaces");
> - return HTTP_FORBIDDEN;
> - }
> + }
> + if (search && *ap_scan_vchar_obstext(search)) {
> + /*
> + * We have a raw control character or a ' ' in r->args.
> + * Correct encoding was missed.
> + */
> + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10407)
> + "To be forwarded query string contains control "
> + "characters or spaces");
> + return HTTP_FORBIDDEN;
> }
> if (path == NULL)
> return HTTP_BAD_REQUEST;
>
> Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c?rev=1908536&r1=1908535&r2=1908536&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c (original)
> +++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_fcgi.c Sun Mar 19 21:29:58 2023
> @@ -92,8 +92,9 @@ static int proxy_fcgi_canon(request_rec
> host = apr_pstrcat(r->pool, "[", host, "]", NULL);
> }
>
> - if (apr_table_get(r->notes, "proxy-nocanon")) {
> - path = url; /* this is the raw path */
> + if (apr_table_get(r->notes, "proxy-nocanon")
> + || apr_table_get(r->notes, "proxy-noencode")) {
> + path = url; /* this is the raw/encoded path */
> }
> else {
> path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
>
> Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c?rev=1908536&r1=1908535&r2=1908536&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c (original)
> +++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c Sun Mar 19 21:29:58 2023
> @@ -121,20 +121,24 @@ static int proxy_http_canon(request_rec
> if (apr_table_get(r->notes, "proxy-nocanon")) {
> path = url; /* this is the raw path */
> }
> + else if (apr_table_get(r->notes, "proxy-noencode")) {
> + path = url; /* this is the encoded path already */
> + search = r->args;
> + }
> else {
> path = ap_proxy_canonenc(r->pool, url, strlen(url),
> enc_path, 0, r->proxyreq);
> search = r->args;
> - if (search && *(ap_scan_vchar_obstext(search))) {
> - /*
> - * We have a raw control character or a ' ' in r->args.
> - * Correct encoding was missed.
> - */
> - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10408)
> - "To be forwarded query string contains control "
> - "characters or spaces");
> - return HTTP_FORBIDDEN;
> - }
> + }
> + if (search && *ap_scan_vchar_obstext(search)) {
> + /*
> + * We have a raw control character or a ' ' in r->args.
> + * Correct encoding was missed.
> + */
> + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10408)
> + "To be forwarded query string contains control "
> + "characters or spaces");
> + return HTTP_FORBIDDEN;
> }
> break;
> case PROXYREQ_PROXY:
>
> Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c?rev=1908536&r1=1908535&r2=1908536&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c (original)
> +++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c Sun Mar 19 21:29:58 2023
> @@ -84,8 +84,14 @@ static int uwsgi_canon(request_rec *r, c
> host = apr_pstrcat(r->pool, "[", host, "]", NULL);
> }
>
> - path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
> - r->proxyreq);
> + if (apr_table_get(r->notes, "proxy-nocanon")
> + || apr_table_get(r->notes, "proxy-noencode")) {
> + path = url; /* this is the raw/encoded path */
> + }
> + else {
> + path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
> + r->proxyreq);
> + }
> if (!path) {
> return HTTP_BAD_REQUEST;
> }
>
> Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c?rev=1908536&r1=1908535&r2=1908536&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c (original)
> +++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_wstunnel.c Sun Mar 19 21:29:58 2023
> @@ -110,20 +110,24 @@ static int proxy_wstunnel_canon(request_
> if (apr_table_get(r->notes, "proxy-nocanon")) {
> path = url; /* this is the raw path */
> }
> + else if (apr_table_get(r->notes, "proxy-noencode")) {
> + path = url; /* this is the encoded path already */
> + search = r->args;
> + }
> else {
> path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
> r->proxyreq);
> search = r->args;
> - if (search && *(ap_scan_vchar_obstext(search))) {
> - /*
> - * We have a raw control character or a ' ' in r->args.
> - * Correct encoding was missed.
> - */
> - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10409)
> - "To be forwarded query string contains control "
> - "characters or spaces");
> - return HTTP_FORBIDDEN;
> - }
> + }
> + if (search && *ap_scan_vchar_obstext(search)) {
> + /*
> + * We have a raw control character or a ' ' in r->args.
> + * Correct encoding was missed.
> + */
> + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10409)
> + "To be forwarded query string contains control "
> + "characters or spaces");
> + return HTTP_FORBIDDEN;
> }
> if (path == NULL)
> return HTTP_BAD_REQUEST;
>
>
--
Eric Covener
covener@gmail.com