httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject svn commit: r1497121 - in /httpd/httpd/branches/2.2.x: ./ CHANGES STATUS modules/dav/main/mod_dav.c
Date Wed, 26 Jun 2013 21:44:43 GMT
Author: wrowe
Date: Wed Jun 26 21:44:43 2013
New Revision: 1497121

URL: http://svn.apache.org/r1497121
Log:
mod_dav: Ensure URI is correctly uriencoded on return.

PR: 54611
Backports: r1476621
Submitted by: Timothy Wood <tjw omnigroup com>
Reviewed by: minfrin, trawick, wrowe


Modified:
    httpd/httpd/branches/2.2.x/   (props changed)
    httpd/httpd/branches/2.2.x/CHANGES
    httpd/httpd/branches/2.2.x/STATUS
    httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c

Propchange: httpd/httpd/branches/2.2.x/
------------------------------------------------------------------------------
  Merged /httpd/httpd/trunk:r1476621

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1497121&r1=1497120&r2=1497121&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Wed Jun 26 21:44:43 2013
@@ -1,6 +1,7 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.25
 
+<<<<<<< .working
   *) SECURITY: CVE-2013-1862 (cve.mitre.org)
      mod_rewrite: Ensure that client data written to the RewriteLog is
      escaped to prevent terminal escape sequences from entering the
@@ -21,6 +22,9 @@ Changes with Apache 2.2.25
      URI that is not configured for DAV will trigger a segfault. [Ben Reser
      <ben reser.org>]
 
+  *) mod_dav: Ensure URI is correctly uriencoded on return. PR 54611
+     [Timothy Wood <tjw omnigroup.com>]
+
 Changes with Apache 2.2.24
 
   *) SECURITY: CVE-2012-3499 (cve.mitre.org)

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1497121&r1=1497120&r2=1497121&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Wed Jun 26 21:44:43 2013
@@ -114,12 +114,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
   
-  * mod_dav: Ensure URI is correctly uriencoded on return. PR 54611
-    [Timothy Wood <tjw omnigroup com>]
-    trunk patch: http://svn.apache.org/r1476621
-    2.2.x patch: trunk patch works (minus CHANGES)
-    +1: minfrin, trawick, wrowe
-
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]

Modified: httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c?rev=1497121&r1=1497120&r2=1497121&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c (original)
+++ httpd/httpd/branches/2.2.x/modules/dav/main/mod_dav.c Wed Jun 26 21:44:43 2013
@@ -623,7 +623,9 @@ static int dav_created(request_rec *r, c
     const char *body;
 
     if (locn == NULL) {
-        locn = r->uri;
+        locn = r->unparsed_uri;
+    } else {
+        locn = ap_escape_uri(r->pool, locn);
     }
 
     /* did the target resource already exist? */



Mime
View raw message