httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: Why AllowEncodedSlashes config not merged?
Date Tue, 02 Nov 2010 18:03:48 GMT
On Tue, Nov 2, 2010 at 12:55 PM, Dan Poirier <poirier@pobox.com> wrote:
> Actually, from https://issues.apache.org/bugzilla/show_bug.cgi?id=35256,
> it appears AllowEncodedSlashes hasn't worked right for some time, so
> there doesn't seem much point in fixing its config merging.
>
> Given the discussion in that bug, I'm wondering if AllowEncodedSlashes
> should just be deprecated or removed entirely.  Thoughts?

I think it sees a lot of use, so it would be nice to see how the
current behavior affects several modules (e.g. default/proxy/cgi (if
some use  unparsed_uri maybe they could be misleading)) and fix the
doc then offer a "preserve" or "decode" option -- whichever isn't
happening now.  Might even be useful to have an additional escape of
%2f as mentioned by wrowe in the PR.


-- 
Eric Covener
covener@gmail.com

Mime
View raw message