Re: pr#543: %2F in PATH_INFO

["Roy T. Fielding" <fi...@kiwi.ics.uci.edu>]

>So I'm thinking that the %2F -> / mapping causing an error is ... well, a
>mistake.  I can't see why it would cause a security problem to let %2F
>expand to /. 

When I looked at it a while back, I didn't see any problem provided that
the %2F were converted before the path and access checks.  Note that we
only want to convert the ones in the path --- anything in the query args
should be left as-is.

....Roy