You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ni...@apache.org on 2009/06/17 14:45:21 UTC

svn commit: r785575 - in /httpd/httpd/trunk: CHANGES modules/mappers/mod_alias.c

Author: niq
Date: Wed Jun 17 12:45:21 2009
New Revision: 785575

URL: http://svn.apache.org/viewvc?rev=785575&view=rev
Log:
mod_alias: Ensure Redirect issues a valid URL
PR 44020
Patch by Håkon Stordahl

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/mappers/mod_alias.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=785575&r1=785574&r2=785575&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Jun 17 12:45:21 2009
@@ -6,6 +6,9 @@
      mod_proxy_ajp: Avoid delivering content from a previous request which
      failed to send a request body. PR 46949 [Ruediger Pluem]
 
+  *) mod_alias: ensure Redirect issues a valid URL.
+     PR 44020 [Håkon Stordahl <hakon stordahl.org>]
+
   *) mod_dir: add DefaultHandler directive, to enable admin to specify
      an action to happen when a URL maps to no file, without resorting
      to ErrorDocument or mod_rewrite.  PR 47184 [Nick Kew]

Modified: httpd/httpd/trunk/modules/mappers/mod_alias.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_alias.c?rev=785575&r1=785574&r2=785575&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/mappers/mod_alias.c (original)
+++ httpd/httpd/trunk/modules/mappers/mod_alias.c Wed Jun 17 12:45:21 2009
@@ -425,11 +425,31 @@
 
     if ((ret = try_alias_list(r, serverconf->redirects, 1, &status)) != NULL) {
         if (ap_is_HTTP_REDIRECT(status)) {
-            /* include QUERY_STRING if any */
-            if (r->args) {
-                ret = apr_pstrcat(r->pool, ret, "?", r->args, NULL);
+            if (ret[0] == '/') {
+                char *orig_target = ret;
+
+                ret = ap_construct_url(r->pool, ret, r);
+                ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+                              "incomplete redirection target of '%s' for "
+                              "URI '%s' modified to '%s'",
+                              orig_target, r->uri, ret);
+            }
+            if (!ap_is_url(ret)) {
+                status = HTTP_INTERNAL_SERVER_ERROR;
+                ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+                              "cannot redirect '%s' to '%s'; "
+                              "target is not a valid absoluteURI or abs_path",
+                              r->uri, ret);
+            }
+            else {
+                /* append requested query only, if the config didn't
+                 * supply its own.
+                 */
+                if (r->args && !ap_strchr(ret, '?')) {
+                    ret = apr_pstrcat(r->pool, ret, "?", r->args, NULL);
+                }
+                apr_table_setn(r->headers_out, "Location", ret);
             }
-            apr_table_setn(r->headers_out, "Location", ret);
         }
         return status;
     }