You are viewing a plain text version of this content. The canonical link for it is here.
Posted to docs@httpd.apache.org by bu...@apache.org on 2011/08/17 02:22:09 UTC
DO NOT REPLY [Bug 51669] New: Documentation of B flag needs to be
clearer, refer to AllowEncodedSlashes
https://issues.apache.org/bugzilla/show_bug.cgi?id=51669
Bug #: 51669
Summary: Documentation of B flag needs to be clearer, refer to
AllowEncodedSlashes
Product: Apache httpd-2
Version: 2.3-HEAD
Platform: PC
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Documentation
AssignedTo: docs@httpd.apache.org
ReportedBy: marcus@synchromedia.co.uk
Classification: Unclassified
The documentation for the mod_rewrite B-flag uses one poorly chosen example and
lacks a link to other important info.
http://httpd.apache.org/docs/current/rewrite/flags.html#flag_b
A better example would be when submitting parameters containg normal urlencoded
characters, and not special cases like '+', so given a typical rewrite like:
RewriteRule ^search/(.*)$ /search.php?term=$1
Given a search term of 'x & y/z', a browser will encode it as
'x%20%26%20y%2Fz', making the request 'search/x%20%26%20y%2Fz'. Without the B
flag, this rewrite rule will map to 'search.php?term=x & y/z', which isn't a
valid URL, and would behave as if you had requested:
'search.php?term=x%20&y%2Fz=', which is not what was intended.
With the B flag set on this same rule, the parameters are re-encoded before
being passed on to the output URL, resulting in a correct mapping to
'/search.php?term=x%20%26%20y%2Fz'.
Importantly, both of these examples will fail on a default apache configuration
because apache doesn't allow encoded slashes in URLs, and returns a 404 if it
sees one. This behaviour is overridable using the AllowEncodedSlashes directive
(and provide a cross-reference to that).
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org
DO NOT REPLY [Bug 51669] Documentation of B flag needs to be
clearer, refer to AllowEncodedSlashes
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=51669
--- Comment #1 from Rich Bowen <rb...@apache.org> 2011-08-17 12:07:51 UTC ---
Thanks for this detailed example and explanation. I'll incorporate it into the
documentation as soon as I get a chance.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org
DO NOT REPLY [Bug 51669] Documentation of B flag needs to be
clearer, refer to AllowEncodedSlashes
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=51669
Rich Bowen <rb...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #2 from Rich Bowen <rb...@apache.org> 2011-08-22 17:48:08 UTC ---
Thanks. I've applied your example in r1160345 in TRUNK.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org