httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthieu Estrade <mestr...@apache.org>
Subject ap_process_request_internal, unescape_url, reverse proxy and %00
Date Wed, 28 Jul 2010 09:22:23 GMT
Hi,

When apache is used with mod_proxy as reverse proxy and not proxy, and when there is a %00
in the url, the request is directly refused by the reverse proxy.

In the code, in ap_process_request_internal function (server/request.c):

/* Ignore embedded %2F's in path for proxy requests */
    if (!r->proxyreq && r->parsed_uri.path) {
        core_dir_config *d;
        d = ap_get_module_config(r->per_dir_config, &core_module);
        if (d->allow_encoded_slashes) {
            access_status = ap_unescape_url_keep2f(r->parsed_uri.path);
        }
        else {
            access_status = ap_unescape_url(r->parsed_uri.path);
        }
        if (access_status) {
            if (access_status == HTTP_NOT_FOUND) {
                if (! d->allow_encoded_slashes) {
                    ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                                  "found %%2f (encoded '/') in URI "
                                  "(decoded='%s'), returning 404",
                                  r->parsed_uri.path);
                }
            }
            return access_status;
        }
    }


If mod_proxy is used, r->proxyreq contains something at this step, but if it's used as
a reverse proxy, r->proxyreq is empty and this block is executed.
The request containing %00 is answered as a 404 without contacting the backend server.

Is there a reason to not reverse proxy a request containing a %00 ?

Cheers,

Matthieu
Mime
View raw message