You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by jo...@apache.org on 2009/03/23 16:59:37 UTC

svn commit: r757427 - /httpd/httpd/trunk/modules/mappers/mod_rewrite.c

Author: jorton
Date: Mon Mar 23 15:59:36 2009
New Revision: 757427

URL: http://svn.apache.org/viewvc?rev=757427&view=rev
Log:
* modules/mappers/mod_rewrite.c (apply_rewrite_rule): When evaluating
  a proxy rule in directory context, do escape the filename by
  default, since mod_proxy will not escape in that case due to the
  (deliberate) fixup hook ordering.

Thanks to: rpluem
PR: 46428

Modified:
    httpd/httpd/trunk/modules/mappers/mod_rewrite.c

Modified: httpd/httpd/trunk/modules/mappers/mod_rewrite.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_rewrite.c?rev=757427&r1=757426&r2=757427&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/mappers/mod_rewrite.c (original)
+++ httpd/httpd/trunk/modules/mappers/mod_rewrite.c Mon Mar 23 15:59:36 2009
@@ -4083,7 +4083,20 @@
      * ourself).
      */
     if (p->flags & RULEFLAG_PROXY) {
-        /* PR#39746: Escaping things here gets repeated in mod_proxy */
+        /* For rules evaluated in server context, the mod_proxy fixup
+         * hook can be relied upon to escape the URI as and when
+         * necessary, since it occurs later.  If in directory context,
+         * the ordering of the fixup hooks is forced such that
+         * mod_proxy comes first, so the URI must be escaped here
+         * instead.  See PR 39746, 46428, and other headaches. */
+        if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) {
+            char *old_filename = r->filename;
+            
+            r->filename = ap_escape_uri(r->pool, r->filename);
+            rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir context "
+                        "for proxy, %s -> %s", old_filename, r->filename));
+        }
+        
         fully_qualify_uri(r);
 
         rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with %s",

Re: svn commit: r757427 - /httpd/httpd/trunk/modules/mappers/mod_rewrite.c

Posted by Jim Jagielski <ji...@jaguNET.com>.

Would it be useful to put some sort of notice of this
in r->notes? Not just here but everyplace we escape.
We get tripped up on this a lot :/

Just a thought (and maybe not a very good one)

On Mar 23, 2009, at 11:59 AM, jorton@apache.org wrote:

> Author: jorton
> Date: Mon Mar 23 15:59:36 2009
> New Revision: 757427
>
> URL: http://svn.apache.org/viewvc?rev=757427&view=rev
> Log:
> * modules/mappers/mod_rewrite.c (apply_rewrite_rule): When evaluating
> a proxy rule in directory context, do escape the filename by
> default, since mod_proxy will not escape in that case due to the
> (deliberate) fixup hook ordering.
>
> Thanks to: rpluem
> PR: 46428
>
> Modified:
>   httpd/httpd/trunk/modules/mappers/mod_rewrite.c
>
> Modified: httpd/httpd/trunk/modules/mappers/mod_rewrite.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_rewrite.c?rev=757427&r1=757426&r2=757427&view=diff
> =
> =
> =
> =
> =
> =
> =
> =
> ======================================================================
> --- httpd/httpd/trunk/modules/mappers/mod_rewrite.c (original)
> +++ httpd/httpd/trunk/modules/mappers/mod_rewrite.c Mon Mar 23  
> 15:59:36 2009
> @@ -4083,7 +4083,20 @@
>     * ourself).
>     */
>    if (p->flags & RULEFLAG_PROXY) {
> -        /* PR#39746: Escaping things here gets repeated in  
> mod_proxy */
> +        /* For rules evaluated in server context, the mod_proxy fixup
> +         * hook can be relied upon to escape the URI as and when
> +         * necessary, since it occurs later.  If in directory  
> context,
> +         * the ordering of the fixup hooks is forced such that
> +         * mod_proxy comes first, so the URI must be escaped here
> +         * instead.  See PR 39746, 46428, and other headaches. */
> +        if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) {
> +            char *old_filename = r->filename;
> +
> +            r->filename = ap_escape_uri(r->pool, r->filename);
> +            rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir  
> context "
> +                        "for proxy, %s -> %s", old_filename, r- 
> >filename));
> +        }
> +
>        fully_qualify_uri(r);
>
>        rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with  
> %s",
>
>