You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rp...@apache.org on 2009/05/10 17:06:27 UTC
svn commit: r773351 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS
modules/mappers/mod_rewrite.c
Author: rpluem
Date: Sun May 10 15:06:26 2009
New Revision: 773351
URL: http://svn.apache.org/viewvc?rev=773351&view=rev
Log:
Merge r757427 from trunk:
* modules/mappers/mod_rewrite.c (apply_rewrite_rule): When evaluating
a proxy rule in directory context, do escape the filename by
default, since mod_proxy will not escape in that case due to the
(deliberate) fixup hook ordering.
Thanks to: rpluem
PR: 46428
Submitted by: jorton
Reviewed by: rpluem, jim, wrowe
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=773351&r1=773350&r2=773351&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Sun May 10 15:06:26 2009
@@ -5,6 +5,9 @@
mod_proxy_ajp: Avoid delivering content from a previous request which
failed to send a request body. PR 46949 [Ruediger Pluem]
+ *) mod_rewrite: When evaluating a proxy rule in directory context, do
+ escape the filename by default. PR 46428 [Joe Orton]
+
*) mod_proxy_ajp: Check more strictly that the backend follows the AJP
protocol. [Mladen Turk]
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=773351&r1=773350&r2=773351&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sun May 10 15:06:26 2009
@@ -87,14 +87,6 @@
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_rewrite: Correctly encode spaces in proxied requests issued by rewrite
- rules in directory context. PR 46428
- Trunk version of patch:
- http://svn.apache.org/viewvc?rev=757427&view=rev
- Backport version for 2.2.x of patch:
- http://people.apache.org/~rpluem/patches/46428_2.2.x.diff
- +1: rpluem, jim, wrowe
-
* mod_include: Prevent a case of SSI timefmt-smashing with filter chains
including multiple INCLUDES filters
Trunk version of patch:
Modified: httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c?rev=773351&r1=773350&r2=773351&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c (original)
+++ httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c Sun May 10 15:06:26 2009
@@ -3921,7 +3921,20 @@
* ourself).
*/
if (p->flags & RULEFLAG_PROXY) {
- /* PR#39746: Escaping things here gets repeated in mod_proxy */
+ /* For rules evaluated in server context, the mod_proxy fixup
+ * hook can be relied upon to escape the URI as and when
+ * necessary, since it occurs later. If in directory context,
+ * the ordering of the fixup hooks is forced such that
+ * mod_proxy comes first, so the URI must be escaped here
+ * instead. See PR 39746, 46428, and other headaches. */
+ if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) {
+ char *old_filename = r->filename;
+
+ r->filename = ap_escape_uri(r->pool, r->filename);
+ rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir context "
+ "for proxy, %s -> %s", old_filename, r->filename));
+ }
+
fully_qualify_uri(r);
rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with %s",