httpd-dev mailing list archives

From Nick Kew <n...@webthing.com>
Subject Re: Broken URI-unescaping in mod_proxy
Date Thu, 13 Sep 2007 16:30:34 GMT
On Thu, 13 Sep 2007 07:45:06 -0700
"Roy T. Fielding" <fielding@gbiv.com> wrote:

> Changes to the request URI must be referred back to the client in the
> form of a redirect.  Any other choice will cause security holes in
> the request chain, somewhere.

Mapping URLs internally is the server's business.
Mapping /a/../b/foo to /b/foo is a change of URL if and only
if it uses an HTTP redirect.  If it happens internally, it's
an equivalence between the two URLs.

An origin server is just fine with such an equivalence, but

> The proxy (when acting as a proxy) must not change the URI.

This is exactly the bug I'm looking to fix.

> The reverse proxy (gateway) is just an origin server with a
> stupid name -- it must send a redirect if it makes the above
> change to a URI.

That would then be handled at the uri_decode stage, before
mod_proxy ever looks at it.

-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/
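
Added example, not part of the message above and not httpd's own code: the `/a/../b/foo` to `/b/foo` mapping from the thread, done with the RFC 3986 section 5.2.4 dot-segment algorithm, plus the rule as stated in the quoted text (a forward proxy leaves the path alone, a gateway redirects when normalization changes it). The `role` and `action` enums and the `decide` function are hypothetical names, and the path is taken as given with no percent-decoding.

```c
#include <stdio.h>
#include <string.h>

enum role   { FORWARD_PROXY, GATEWAY };              /* hypothetical names */
enum action { PASS_UNCHANGED, REDIRECT, REJECT };    /* hypothetical names */

/* RFC 3986 section 5.2.4 (steps A-E); out needs strlen(in) + 1 bytes. */
static void remove_dot_segments(const char *in, char *out)
{
    char *o = out;
    while (*in) {
        if (!strncmp(in, "../", 3)) in += 3;                      /* A */
        else if (!strncmp(in, "./", 2)) in += 2;                  /* A */
        else if (!strncmp(in, "/./", 3)) in += 2;                 /* B */
        else if (!strcmp(in, "/.")) in = "/";                     /* B */
        else if (!strncmp(in, "/../", 4) || !strcmp(in, "/..")) { /* C */
            in = in[3] ? in + 3 : "/";
            while (o > out && *--o != '/') ;   /* drop last output segment */
        } else if (!strcmp(in, ".") || !strcmp(in, ".."))         /* D */
            in += strlen(in);
        else {                                                    /* E */
            if (*in == '/') *o++ = *in++;
            while (*in && *in != '/') *o++ = *in++;
        }
    }
    *o = '\0';
}

/* The quoted rule: a forward proxy passes the path through byte for byte;
 * a gateway answers with a redirect when normalization changes the path. */
static enum action decide(enum role r, const char *path, char *out, size_t n)
{
    if (strlen(path) >= n) return REJECT;      /* does not fit: refuse */
    if (r == FORWARD_PROXY) { strcpy(out, path); return PASS_UNCHANGED; }
    remove_dot_segments(path, out);
    return strcmp(path, out) ? REDIRECT : PASS_UNCHANGED;
}

int main(void)
{
    char buf[64];
    const char *p = "/a/../b/foo";             /* path from the thread */
    enum action a = decide(GATEWAY, p, buf, sizeof buf);
    printf("gateway: action=%d path=%s\n", (int)a, buf);
    a = decide(FORWARD_PROXY, p, buf, sizeof buf);
    printf("proxy:   action=%d path=%s\n", (int)a, buf);
    return 0;
}
```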
