Posted to modperl@perl.apache.org by BeerBong <al...@samara.net> on 2000/12/08 16:23:08 UTC

[BUG] Apache 1.3.14 front-end-back-end weirdness.

Hello!

I tried to migrate to Apache 1.3.14 from 1.3.12 ...
Heh.
After recompiling Apache and starting the server with the same config, I get
400 Bad Request on any request to the mod_perl back-end server. Static HTML and
images are returned OK.

Some time was spent hunting the problem.
I turned on the rewrite log at level 9.

RewriteEngine On
RewriteLogLevel 9
RewriteLog /var/apache/simple_d/logs/rewrite.log
RewriteMap ports txt:/usr/local/apache/conf/port_d.map
RewriteRule ^/(.*\.s?asp)$ http://$host:${ports:%{SERVER_PORT}|8081}/$1 [P,L]

Request
/paper/test.asp
translated to
http://www.samara.ru:|8081}/paper/test.asp

It seems that mod_rewrite does not process nested back references correctly.
It just meets the first closing brace and considers it as the back reference.

I saw mod_rewrite fixes in the CHANGES list, but this seems to be a candidate for
a new fix.

During this hunt I found another security hole in my config...
http://forum.swarthmore.edu/epigone/modperl/shugrendbax/200004191847.NAA45934@Mercury.mcs.net
Proxy hijackers used my site very actively, although the config had

RewriteRule ^proxy:.* - [F]

Fixed via ProxyRequests off...

----------------------------------------------
Sergey Polyakov - chief of WebZavod
http://www.webzavod.ru


Re: [BUG] Apache 1.3.14 front-end-back-end weirdness.

Posted by Erdmut Pfeifer <e....@science-computing.de>.
On Fri, Dec 08, 2000 at 07:23:08PM +0400, BeerBong wrote:
> Hello!
> 
> I tried to migrate to Apache 1.3.14 from 1.3.12 ...
> Heh.
> After recompiling Apache and starting the server with the same config, I get
> 400 Bad Request on any request to the mod_perl back-end server. Static HTML and
> images are returned OK.
> 
> Some time was spent hunting the problem.
> I turned on the rewrite log at level 9.
> 
> RewriteEngine On
> RewriteLogLevel 9
> RewriteLog /var/apache/simple_d/logs/rewrite.log
> RewriteMap ports txt:/usr/local/apache/conf/port_d.map
> RewriteRule ^/(.*\.s?asp)$ http://$host:${ports:%{SERVER_PORT}|8081}/$1 [P,L]
> 
> Request
> /paper/test.asp
> translated to
> http://www.samara.ru:|8081}/paper/test.asp
> 
> It seems that mod_rewrite does not process nested back references correctly.
> It just meets the first closing brace and considers it as the back reference.


Hello,

I observed the same problem with nested ${}/%{} statements such as


RewriteMap   actrl                prg:/usr/local/apache-1.3.12/bin/rewrite-map.pl
RewriteRule  ^/(ac-)?adm/?(.*)$   ${actrl:%{HTTP:Authorization}#a#/ac-adm/$2} [PT,L]
(... -- details irrelevant here)                              ^


What seems to be causing the problem is that the brace directly
following "Authorization" is interpreted as the closing brace for "${"
instead of "%{".
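
Added example, not part of the thread and not mod_rewrite source: the brace matching both posts describe, as a small C sketch that compares a first-'}' scan with a nesting-aware scan on the two substitution strings quoted above. The names close_naive, close_nested and map_expr are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Illustration only, not Apache code. Naive scan: the first '}' after the
 * opener ends the expression, which is the behaviour the posts report. */
static const char *close_naive(const char *open)
{
    return strchr(open + 2, '}');
}

/* Nesting-aware scan: every "${" or "%{" opens a level, every '}' closes one. */
static const char *close_nested(const char *open)
{
    int depth = 1;
    for (const char *p = open + 2; *p != '\0'; p++) {
        if ((*p == '$' || *p == '%') && p[1] == '{') {
            depth++;
            p++;                     /* step over the '{' */
        } else if (*p == '}' && --depth == 0) {
            return p;
        }
    }
    return NULL;                     /* unbalanced expression */
}

/* Copy the text between the first "${" and its closing brace into out.
 * Returns its length, or -1 if there is no close or out is too small. */
static int map_expr(const char *subst, int nested, char *out, size_t outsz)
{
    const char *open = strstr(subst, "${");
    const char *close;
    size_t n;
    if (open == NULL) return -1;
    close = nested ? close_nested(open) : close_naive(open);
    if (close == NULL) return -1;
    n = (size_t)(close - (open + 2));
    if (n >= outsz) return -1;
    memcpy(out, open + 2, n);
    out[n] = '\0';
    return (int)n;
}

int main(void)
{
    const char *subst = "http://$host:${ports:%{SERVER_PORT}|8081}/$1";
    char buf[128];
    if (map_expr(subst, 0, buf, sizeof buf) >= 0) printf("naive : %s\n", buf);
    if (map_expr(subst, 1, buf, sizeof buf) >= 0) printf("nested: %s\n", buf);
    return 0;
}
```

With the naive scan the map expression ends at "ports:%{SERVER_PORT", so "|8081}" is left behind as literal text, the same fragment that shows up in the translated URL in the first post.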