You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2023/03/11 21:31:14 UTC
svn commit: r1908300 - in /httpd/test/framework/trunk/t: conf/extra.conf.in modules/rewrite.t
Author: covener
Date: Sat Mar 11 21:31:14 2023
New Revision: 1908300
URL: http://svn.apache.org/viewvc?rev=1908300&view=rev
Log:
test [P] flag
Modified:
httpd/test/framework/trunk/t/conf/extra.conf.in
httpd/test/framework/trunk/t/modules/rewrite.t
Modified: httpd/test/framework/trunk/t/conf/extra.conf.in
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/conf/extra.conf.in?rev=1908300&r1=1908299&r2=1908300&view=diff
==============================================================================
--- httpd/test/framework/trunk/t/conf/extra.conf.in (original)
+++ httpd/test/framework/trunk/t/conf/extra.conf.in Sat Mar 11 21:31:14 2023
@@ -272,10 +272,14 @@
RewriteRule ^/modules/rewrite/escaping/local/(.*) /?$1
RewriteRule ^/modules/rewrite/escaping/redir/(.*) http://@SERVERNAME@:@PORT@/?$1 [R]
RewriteRule ^/modules/rewrite/escaping/redir_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [R,NE]
+ RewriteRule ^/modules/rewrite/escaping/proxy/(.*) http://@SERVERNAME@:@PORT@/?$1 [P]
+ RewriteRule ^/modules/rewrite/escaping/proxy_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [P]
<LocationMatch ^/modules/rewrite/escaping/fixups/>
RewriteRule local/(.*) /?$1
RewriteRule redir/(.*) http://@SERVERNAME@:@PORT@/?$1 [R]
RewriteRule redir_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [R,NE]
+ RewriteRule proxy/(.*) http://@SERVERNAME@:@PORT@/?$1 [P]
+ RewriteRule proxy_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [P,NE]
</LocationMatch>
<VirtualHost cve_2011_3368_rewrite>
Modified: httpd/test/framework/trunk/t/modules/rewrite.t
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/modules/rewrite.t?rev=1908300&r1=1908299&r2=1908300&view=diff
==============================================================================
--- httpd/test/framework/trunk/t/modules/rewrite.t (original)
+++ httpd/test/framework/trunk/t/modules/rewrite.t Sat Mar 11 21:31:14 2023
@@ -17,12 +17,21 @@ my $r;
my @escapes = (
+ # rewrite to local/PT is not escaped
[ "/modules/rewrite/escaping/local/foo%20bar" => 403],
+ # rewrite to redir escaped by default
[ "/modules/rewrite/escaping/redir/foo%20bar" => 302],
+ # ... opted out
[ "/modules/rewrite/escaping/redir_ne/foo%20bar" => 403],
+ # rewrite never escapes proxy targets, even though [NE] is kind or repurposed.
+ [ "/modules/rewrite/escaping/proxy/foo%20bar" => 403],
+ [ "/modules/rewrite/escaping/proxy_ne/foo%20bar" => 403],
+
[ "/modules/rewrite/escaping/fixups/local/foo%20bar" => 403],
[ "/modules/rewrite/escaping/fixups/redir/foo%20bar" => 302],
[ "/modules/rewrite/escaping/fixups/redir_ne/foo%20bar" => 403],
+ [ "/modules/rewrite/escaping/fixups/proxy/foo%20bar" => 403],
+ [ "/modules/rewrite/escaping/fixups/proxy_ne/foo%20bar" => 403],
);
Re: svn commit: r1908300 - in /httpd/test/framework/trunk/t: conf/extra.conf.in modules/rewrite.t
Posted by Eric Covener <co...@gmail.com>.
On Mon, Mar 13, 2023 at 3:26 AM Ruediger Pluem <rp...@apache.org> wrote:
>
>
>
> On 3/11/23 10:31 PM, covener@apache.org wrote:
> > Author: covener
> > Date: Sat Mar 11 21:31:14 2023
> > New Revision: 1908300
> >
> > URL: http://svn.apache.org/viewvc?rev=1908300&view=rev
> > Log:
> > test [P] flag
> >
> > Modified:
> > httpd/test/framework/trunk/t/conf/extra.conf.in
> > httpd/test/framework/trunk/t/modules/rewrite.t
> >
> > Modified: httpd/test/framework/trunk/t/conf/extra.conf.in
> > URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/conf/extra.conf.in?rev=1908300&r1=1908299&r2=1908300&view=diff
> > ==============================================================================
> > --- httpd/test/framework/trunk/t/conf/extra.conf.in (original)
> > +++ httpd/test/framework/trunk/t/conf/extra.conf.in Sat Mar 11 21:31:14 2023
> > @@ -272,10 +272,14 @@
> > RewriteRule ^/modules/rewrite/escaping/local/(.*) /?$1
> > RewriteRule ^/modules/rewrite/escaping/redir/(.*) http://@SERVERNAME@:@PORT@/?$1 [R]
> > RewriteRule ^/modules/rewrite/escaping/redir_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [R,NE]
> > + RewriteRule ^/modules/rewrite/escaping/proxy/(.*) http://@SERVERNAME@:@PORT@/?$1 [P]
> > + RewriteRule ^/modules/rewrite/escaping/proxy_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [P]
>
> Shouldn't this be [P,NE] instead?
Thank you, fixed.
Re: svn commit: r1908300 - in /httpd/test/framework/trunk/t: conf/extra.conf.in modules/rewrite.t
Posted by Ruediger Pluem <rp...@apache.org>.
On 3/11/23 10:31 PM, covener@apache.org wrote:
> Author: covener
> Date: Sat Mar 11 21:31:14 2023
> New Revision: 1908300
>
> URL: http://svn.apache.org/viewvc?rev=1908300&view=rev
> Log:
> test [P] flag
>
> Modified:
> httpd/test/framework/trunk/t/conf/extra.conf.in
> httpd/test/framework/trunk/t/modules/rewrite.t
>
> Modified: httpd/test/framework/trunk/t/conf/extra.conf.in
> URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/conf/extra.conf.in?rev=1908300&r1=1908299&r2=1908300&view=diff
> ==============================================================================
> --- httpd/test/framework/trunk/t/conf/extra.conf.in (original)
> +++ httpd/test/framework/trunk/t/conf/extra.conf.in Sat Mar 11 21:31:14 2023
> @@ -272,10 +272,14 @@
> RewriteRule ^/modules/rewrite/escaping/local/(.*) /?$1
> RewriteRule ^/modules/rewrite/escaping/redir/(.*) http://@SERVERNAME@:@PORT@/?$1 [R]
> RewriteRule ^/modules/rewrite/escaping/redir_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [R,NE]
> + RewriteRule ^/modules/rewrite/escaping/proxy/(.*) http://@SERVERNAME@:@PORT@/?$1 [P]
> + RewriteRule ^/modules/rewrite/escaping/proxy_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [P]
Shouldn't this be [P,NE] instead?
> <LocationMatch ^/modules/rewrite/escaping/fixups/>
> RewriteRule local/(.*) /?$1
> RewriteRule redir/(.*) http://@SERVERNAME@:@PORT@/?$1 [R]
> RewriteRule redir_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [R,NE]
> + RewriteRule proxy/(.*) http://@SERVERNAME@:@PORT@/?$1 [P]
> + RewriteRule proxy_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [P,NE]
> </LocationMatch>
>
> <VirtualHost cve_2011_3368_rewrite>
>
Regards
Rüdiger