Return-Path: 
 <users-return-83589-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 693 invoked from network); 2 Oct 2008 15:41:54 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 2 Oct 2008 15:41:54 -0000
Received: (qmail 7969 invoked by uid 500); 2 Oct 2008 15:41:42 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 7948 invoked by uid 500); 2 Oct 2008 15:41:42 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 7937 invoked by uid 99); 2 Oct 2008 15:41:42 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Oct 2008 08:41:42 -0700
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of tevans.uk@googlemail.com
 designates 74.125.78.147 as permitted sender)
Received: from [74.125.78.147] (HELO ey-out-1920.google.com) (74.125.78.147)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Oct 2008 15:40:38 +0000
Received: by ey-out-1920.google.com with SMTP id 4so354873eyg.48
        for <users@httpd.apache.org>; Thu, 02 Oct 2008 08:41:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlemail.com; s=gamma;
        h=domainkey-signature:received:received:subject:from:to:in-reply-to
         :references:content-type:date:message-id:mime-version:x-mailer;
        bh=G+x3nNzNdUtdl1hi+/UlHDFQOTpdrAlCzW6h+rpZZP8=;
        b=hyyzn/byi8q28FtChEVBs4H1/1QD2cjRBZkW0xBwY/mpFy96doV6xMcpm0FNIWIhlX
         /Z7f7pc9jIqra2Mx5RJJfo9mo9xBqjRMtdrTaWEl39FU/P91udE8MgM652Pj6a89qQmR
         0nZ+oX5+5DcFsUpLl5F+5ik9OEXdcqLJ4hQ3s=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=googlemail.com; s=gamma;
        h=subject:from:to:in-reply-to:references:content-type:date:message-id
         :mime-version:x-mailer;
        b=htxuNZ1YJxyRVZqMAsT/wlutBg0xgIYntwPY8GGplnTHw8lwHQQGReBLd8mJbg2f+T
         6a3+X4jXsAhY256LwasOxo24cK4qNKxtGZV/xc9+gVsC1QgQSQYqnD5apv6+3oRAhK7L
         /DdEVJi6B0XfJ2gJxMQgwZKDNlNGY1aMyrh3M=
Received: by 10.210.123.2 with SMTP id v2mr11576521ebc.147.1222962071674;
        Thu, 02 Oct 2008 08:41:11 -0700 (PDT)
Received: from ?127.0.0.1? ([217.206.187.80])
        by mx.google.com with ESMTPS id g11sm81013gve.8.2008.10.02.08.41.07
        (version=SSLv3 cipher=RC4-MD5);
        Thu, 02 Oct 2008 08:41:09 -0700 (PDT)
From: Tom Evans <tevans.uk@googlemail.com>
To: users@httpd.apache.org
In-Reply-To: <1222935551.7452.25.camel@localhost>
References: <1222868589.7452.19.camel@localhost>
	 <48E38E03.4010909@newmediagateway.com> <1222935551.7452.25.camel@localhost>
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature"; boundary="=-98zLKxx9lMCX4XsZ2xxb"
Date: Thu, 02 Oct 2008 16:41:03 +0100
Message-Id: <1222962063.7452.28.camel@localhost>
Mime-Version: 1.0
X-Mailer: Evolution 2.22.3.1 FreeBSD GNOME Team Port 
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: Re: [users@httpd] mod_rewrite double escaping query strings

--=-98zLKxx9lMCX4XsZ2xxb
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Thu, 2008-10-02 at 09:19 +0100, Tom Evans wrote:
> On Wed, 2008-10-01 at 09:49 -0500, Justin Pasher wrote:
> > Tom Evans wrote:
> > > Hi all.
> > >
> > > I'm encountering a problem with using mod_rewrite in httpd 2.2.9 to
> > > canonicalize the server name. The problem is that the query string se=
ems
> > > to be double escaped by this process. Here is a sample vhost that
> > > triggers the issue:
> > >
> > > <VirtualHost *:80>
> > >     ServerName sweetums
> > >     ServerAlias foofoo
> > >
> > >     DocumentRoot /data2/development/www/sweetums
> > >     <Directory /data2/development/www/sweetums>
> > >             Order allow,deny
> > >             Allow from all
> > >     </Directory>
> > >
> > >     RewriteEngine On
> > >
> > >     RewriteCond %{HTTP_HOST}  !^sweetums$
> > >     RewriteRule ^/(.*)        http://sweetums/$1 [R=3D301,L,QSA]
> > >
> > > </VirtualHost>
> > >
> > > So, with this configuration, a request for http://foofoo/bar is
> > > correctly rewritten to http://sweetums/bar , however a request for
> > > http://foofoo/bar?and=3Dgrill%25 would be incorrectly rewritten to
> > > http://sweetums/bar?and=3Dgrill%2525 .
> > >
> > > Is there any way to prevent this behaviour, or perhaps a better form =
of
> > > host canonicalization?=20
> > >
> > > Cheers
> > >
> > > Tom
> >=20
> > Try removing the QSA flag from the RewriteRule. It should only be neede=
d=20
> > when you are modifying the query string (which you are not).
>=20
> Doesn't modify the behaviour. Did a bit more searching around the
> archives, this was first reported as a bug in 2000 [1], and has never
> been fixed, so there must be a reason for it. Are there any modules that
> will allow me to do host name canonicalization safely?
>=20
> Cheers
>=20
> Tom
>=20
> [1] http://archive.apache.org/gnats/6042

Following up my own email, for the archive, the solution was to add flag
NE to the RewriteRule.

Cheers

Tom

--=-98zLKxx9lMCX4XsZ2xxb
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)

iEYEABECAAYFAkjk64wACgkQlcRvFfyds/d4hACcDcq6pW8fZ5/e9fivT7vXgFfd
P2AAoKVZCsYyFDpY9aZB8QrTm0KO25LC
=V7Rr
-----END PGP SIGNATURE-----

--=-98zLKxx9lMCX4XsZ2xxb--