httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Axel-Stéphane SMORGRAV <Axel-Stephane.SMORG...@europe.adp.com>
Subject RE: [users@httpd] mod_rewrite & mod_proxy & %2F in URL
Date Tue, 13 Jun 2006 12:39:23 GMT
I just checked the online documentation on httpd.apache.org/docs/2.0 and discovered that contrary
to what I have locally (2.0.54), the NE flag is indeed described in the latest version of
the mod_rewrite documentation.

http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewriterule :

'noescape|NE' (no URI escaping of output)
This flag prevents mod_rewrite from applying the usual URI escaping rules to the result of
a rewrite. Ordinarily, special characters (such as '%', '$', ';', and so on) will be escaped
into their hexcode equivalents ('%25', '%24', and '%3B', respectively); this flag prevents
this from happening. This allows percent symbols to appear in the output, as in

RewriteRule /foo/(.*) /bar?arg=P1\%3d$1 [R,NE]
which would turn '/foo/zed' into a safe request for '/bar?arg=P1=zed'.


-ascs

-----Original Message-----
From: Axel-Stéphane SMORGRAV 
Sent: Tuesday, June 13, 2006 2:34 PM
To: users@httpd.apache.org; Markus Stockhausen
Subject: RE: [users@httpd] mod_rewrite & mod_proxy & %2F in URL

I thought there was a flag blocking URL escaping in rewrite rules, but I am actually unable
to find it in the module documentation. Checking the code, however, I found the following:

bash-2.03$ grep -n NOESCAPE mod_rewrite.h
125:#define RULEFLAG_NOESCAPE           1<<13
128:#define ACTION_NOESCAPE             1<<1
bash-2.03$ 

from mod_rewrite.c

    else if (   strcasecmp(key, "noescape") == 0
        || strcasecmp(key, "NE") == 0       ) {
        cfg->flags |= RULEFLAG_NOESCAPE;
    }

Could you try adding the NE flag to your rewrite rule and see what happens ?? 

-ascs

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message