httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rpl...@apache.org
Subject svn commit: r773351 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS modules/mappers/mod_rewrite.c
Date Sun, 10 May 2009 15:06:27 GMT
Author: rpluem
Date: Sun May 10 15:06:26 2009
New Revision: 773351

URL: http://svn.apache.org/viewvc?rev=773351&view=rev
Log:
Merge r757427 from trunk:

* modules/mappers/mod_rewrite.c (apply_rewrite_rule): When evaluating
  a proxy rule in directory context, do escape the filename by
  default, since mod_proxy will not escape in that case due to the
  (deliberate) fixup hook ordering.

Thanks to: rpluem
PR: 46428

Submitted by: jorton
Reviewed by: rpluem, jim, wrowe

Modified:
    httpd/httpd/branches/2.2.x/CHANGES
    httpd/httpd/branches/2.2.x/STATUS
    httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=773351&r1=773350&r2=773351&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Sun May 10 15:06:26 2009
@@ -5,6 +5,9 @@
      mod_proxy_ajp: Avoid delivering content from a previous request which
      failed to send a request body. PR 46949 [Ruediger Pluem]
 
+  *) mod_rewrite: When evaluating a proxy rule in directory context, do
+     escape the filename by default. PR 46428 [Joe Orton]
+
   *) mod_proxy_ajp: Check more strictly that the backend follows the AJP
      protocol. [Mladen Turk]
 

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=773351&r1=773350&r2=773351&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sun May 10 15:06:26 2009
@@ -87,14 +87,6 @@
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
- * mod_rewrite: Correctly encode spaces in proxied requests issued by rewrite
-   rules in directory context. PR 46428
-   Trunk version of patch:
-      http://svn.apache.org/viewvc?rev=757427&view=rev
-   Backport version for 2.2.x of patch:
-      http://people.apache.org/~rpluem/patches/46428_2.2.x.diff
-   +1: rpluem, jim, wrowe
-
  * mod_include: Prevent a case of SSI timefmt-smashing with filter chains
    including multiple INCLUDES filters
    Trunk version of patch:

Modified: httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c?rev=773351&r1=773350&r2=773351&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c (original)
+++ httpd/httpd/branches/2.2.x/modules/mappers/mod_rewrite.c Sun May 10 15:06:26 2009
@@ -3921,7 +3921,20 @@
      * ourself).
      */
     if (p->flags & RULEFLAG_PROXY) {
-	/* PR#39746: Escaping things here gets repeated in mod_proxy */
+       /* For rules evaluated in server context, the mod_proxy fixup
+        * hook can be relied upon to escape the URI as and when
+        * necessary, since it occurs later.  If in directory context,
+        * the ordering of the fixup hooks is forced such that
+        * mod_proxy comes first, so the URI must be escaped here
+        * instead.  See PR 39746, 46428, and other headaches. */
+       if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) {
+           char *old_filename = r->filename;
+
+           r->filename = ap_escape_uri(r->pool, r->filename);
+           rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir context "
+                       "for proxy, %s -> %s", old_filename, r->filename));
+       }
+
         fully_qualify_uri(r);
 
         rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with %s",



Mime
View raw message