httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 44922] RewriteRules in .htaccess erroneously inject PATH_INFO
Date Sat, 02 Aug 2008 10:36:06 GMT

--- Comment #3 from Aleksander Budzynowski <>  2008-08-02 03:36:05
PST ---
"This is after all the swiss army knife of httpd."

And within .htaccess files it is more like a pair of plastic scissors because
of this bug.

Let me try to better explain the cause of the problem:

I have only seen it happen during RewriteRules in .htaccess files. This late in
the process, if the request is for a file in a non-existent directory (which I
might add is the kind of situation you often want to use mod_rewrite for), the
path will be split across r->filename and r->path_info.

Clearly the two parts need to be merged before a substitution is made. The
current code does this.

After a rule matches, the entire resultant path is saved to r->filename. This
renders the contents of r->path_info invalid. However, the code does not do
anything about this! If any subsequent rules match, the out-of-date
r->path_info will be injected again. Herein lies the problem.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message