httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vadim N. Lyalikov" <vadim-lyali...@yandex.ru>
Subject [users@httpd] escaped input mod_rewrite
Date Mon, 01 Nov 2004 21:39:08 GMT
Hi, all.
Sorry for may be confusing you different (but valid) examples in my mails.
My global wish:
1) generate random string (each symbol can have *any* value - from 0 to 255)
2) escape all non safe chars in it (thought all, except alphanumeric and 
'_' and '-'). Result - my_escaped_random_string
3) create valid (rfc) http url, like 
http://host.com/path/word/my_escaped_random_string/index.html (my_url)
4) output this href with this url to UA
5) parse request_uri while processing this url:
    mod_rewrite appears at scene
6)redirect to url like:
    http://host.com/path/word.php?word_id=my_escaped_random_string
    mod_rewrite do big work and dissapears.
Trubbles come at stages 5)  and 6) -  percent symbols ('%') are 
automatically unescaped by apache. Seems at stage 5. And, as you may 
imagine, url in output of stage 6 may look awful, and for sure incorrect 
according to rfc. e.g. string = "?", so we get 
http://host.com/path/word.php?word_id=?. Error. And i want ...?word_id=%3F
%20 and %2F are just obvious examples.
Thanks for reply, once more.
Vadim.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message