httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Cawley <cor...@corsix.org>
Subject argstr_to_table in util_script.c and encoded spaces
Date Wed, 08 Apr 2009 15:46:41 GMT
The argstr_to_table function in util_script.c (r763283, current svn
trunk) is meant to convert a query string into an APR table. It
currently splits the query string up by the & separator, then splits
the key and value by the = separator, then calls ap_unescape_url to
unescape the key and value.

Herein lies a problem; ap_unescape_url follows RFC1738, however query
strings follow RFC1738 but with the addition of encoding SPACE as "+".
This means that if argstr_to_table is called with input like
"a=a+b%2Bc&d=e+f", it'll return {"a" => "a+b+c", "d" => "e+f"},
however it should be returning {"a" => "a b+c", "d" => "e f"}.

Suggested fix: Change argstr_to_table to use unescape_qs instead of
ap_unescape_url, with unescape_qs defined as:

static void unescape_qs(char *str)
{
  char *s;
  for(s = str; *s; ++s) {
    if ('+' == *s) {
      *s = ' ';
    }
  }
  ap_unescape_url(str);
}

Mime
View raw message