httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 55323] Double unescaped uri in sub request handler
Date Mon, 29 Jul 2013 12:30:12 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=55323

--- Comment #2 from Simon Klinkert <simon.klinkert@gmail.com> ---
(In reply to Eric Covener from comment #1)
> That looks too general, your symptom is that you pass file%#12file into a
> rewriterule (-U check?) and it needs to be encoded at that point, but the
> patch would re-escape  anyone who sent in a properly escaped URL.

First of all, thanks for your feedback!

How do I encode the uri at "that point"?

There is no -U involved. My rewrite rule looks like this:

RewriteRule ^(/.*)? %{LA-U:ENV:storage_path}$1 [L]

In addition, I do not really see why this should be too general. The function
ap_sub_req_method_uri does already a re-escaping if new_uri does not start with
'/'. Why is that bad for the other case?

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message