Posted to cvs@httpd.apache.org by jo...@apache.org on 2009/03/23 16:59:37 UTC
svn commit: r757427 - /httpd/httpd/trunk/modules/mappers/mod_rewrite.c
Author: jorton
Date: Mon Mar 23 15:59:36 2009
New Revision: 757427
URL: http://svn.apache.org/viewvc?rev=757427&view=rev
Log:
* modules/mappers/mod_rewrite.c (apply_rewrite_rule): When evaluating
a proxy rule in directory context, do escape the filename by
default, since mod_proxy will not escape in that case due to the
(deliberate) fixup hook ordering.
Thanks to: rpluem
PR: 46428
Modified:
httpd/httpd/trunk/modules/mappers/mod_rewrite.c
Modified: httpd/httpd/trunk/modules/mappers/mod_rewrite.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_rewrite.c?rev=757427&r1=757426&r2=757427&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/mappers/mod_rewrite.c (original)
+++ httpd/httpd/trunk/modules/mappers/mod_rewrite.c Mon Mar 23 15:59:36 2009
@@ -4083,7 +4083,20 @@
* ourself).
*/
if (p->flags & RULEFLAG_PROXY) {
- /* PR#39746: Escaping things here gets repeated in mod_proxy */
+ /* For rules evaluated in server context, the mod_proxy fixup
+ * hook can be relied upon to escape the URI as and when
+ * necessary, since it occurs later. If in directory context,
+ * the ordering of the fixup hooks is forced such that
+ * mod_proxy comes first, so the URI must be escaped here
+ * instead. See PR 39746, 46428, and other headaches. */
+ if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) {
+ char *old_filename = r->filename;
+
+ r->filename = ap_escape_uri(r->pool, r->filename);
+ rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir context "
+ "for proxy, %s -> %s", old_filename, r->filename));
+ }
+
fully_qualify_uri(r);
rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with %s",
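Review bot: in the added `if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0)` block, `ap_escape_uri()` is run over the whole of `r->filename` before `fully_qualify_uri(r)`, and nothing in the hunk says what that string holds at this point. If the substitution can already carry a scheme and host, a query string, or %-escapes produced by the rule itself, escaping the full string would alter those as well as the path. Suggest stating the expected contents of `r->filename` in the comment, and adding test cases for a per-directory proxy rule whose target contains a space, an existing %-escape and a `?`, each with and without the no-escape flag.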
Re: svn commit: r757427 - /httpd/httpd/trunk/modules/mappers/mod_rewrite.c
Posted by Jim Jagielski <ji...@jaguNET.com>.
Would it be useful to put some sort of notice of this
in r->notes? Not just here but everyplace we escape.
We get tripped up on this a lot :/
Just a thought (and maybe not a very good one)
On Mar 23, 2009, at 11:59 AM, jorton@apache.org wrote:
> Author: jorton
> Date: Mon Mar 23 15:59:36 2009
> New Revision: 757427
>
> URL: http://svn.apache.org/viewvc?rev=757427&view=rev
> Log:
> * modules/mappers/mod_rewrite.c (apply_rewrite_rule): When evaluating
> a proxy rule in directory context, do escape the filename by
> default, since mod_proxy will not escape in that case due to the
> (deliberate) fixup hook ordering.
>
> Thanks to: rpluem
> PR: 46428
>
> Modified:
> httpd/httpd/trunk/modules/mappers/mod_rewrite.c
>
> Modified: httpd/httpd/trunk/modules/mappers/mod_rewrite.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_rewrite.c?rev=757427&r1=757426&r2=757427&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/mappers/mod_rewrite.c (original)
> +++ httpd/httpd/trunk/modules/mappers/mod_rewrite.c Mon Mar 23
> 15:59:36 2009
> @@ -4083,7 +4083,20 @@
> * ourself).
> */
> if (p->flags & RULEFLAG_PROXY) {
> - /* PR#39746: Escaping things here gets repeated in
> mod_proxy */
> + /* For rules evaluated in server context, the mod_proxy fixup
> + * hook can be relied upon to escape the URI as and when
> + * necessary, since it occurs later. If in directory
> context,
> + * the ordering of the fixup hooks is forced such that
> + * mod_proxy comes first, so the URI must be escaped here
> + * instead. See PR 39746, 46428, and other headaches. */
> + if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) {
> + char *old_filename = r->filename;
> +
> + r->filename = ap_escape_uri(r->pool, r->filename);
> + rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir
> context "
> + "for proxy, %s -> %s", old_filename, r-
> >filename));
> + }
> +
> fully_qualify_uri(r);
>
> rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with
> %s",
>
>
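Review bot: the default changes here for every per-directory proxy rule, with `RULEFLAG_NOESCAPE` as the only opt-out, but the hunk records that only in a source comment. Configurations that pre-escaped the substitution to work around the old behaviour would now be escaped a second time, so this deserves a CHANGES entry and a line in the user documentation for the proxy flag telling administrators to add the no-escape flag in that case. The level-2 `rewritelog` line that prints `old_filename` next to the new `r->filename` is a good way to spot such rules and could be mentioned there too.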