httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From DW <xfs...@hotmail.com>
Subject [users@httpd] Re: Bug in Apache 2.0 mod_proxy
Date Sat, 15 Jan 2011 01:31:01 GMT

Please file all bug reports at this link if you haven't done so for yours:

<https://issues.apache.org/bugzilla/>

hth


Sam Rossoff wrote:
> I've been using Apache's mod_proxy module recently when I came across a bug.
>
> Addresses of the form:
> www.zappos.com/donald-j-pliner-womens-boots~2
>
> were being converted to
> www.zappos.com/donald-j-pliner-womens-boots%7E2
>
> When the Zappos servers see a url with %7E in them it will respond
> with an HTTP 301 Moved Permanently to the same url with a decoded ~.
> Tshark dump follows:
>
> Hypertext Transfer Protocol
>     HTTP/1.1 301 Moved Permanently\r\n
>         [Expert Info (Chat/Sequence): HTTP/1.1 301 Moved Permanently\r\n]
>             [Message: HTTP/1.1 301 Moved Permanently\r\n]
>             [Severity level: Chat]
>             [Group: Sequence]
>         Request Version: HTTP/1.1
>         Response Code: 301
>     Server: nginx/0.8.34\r\n
>     Content-Type: text/html\r\n
>     Content-Length: 185\r\n
>         [Content length: 185]
>     Location: /donald-j-pliner-womens-boots~2\r\n
>     X-Core-Value: 6. Build Open and Honest Relationships With Communication\r\n
>     X-Recruiting: If you're reading this, maybe you should be working
> at Zappos instead.  Check out jobs.zappos.com\r\n
>     Vary: Accept-Encoding\r\n
>     Date: Fri, 14 Jan 2011 00:33:56 GMT\r\n
>     Connection: close\r\n
>     \r\n
> Line-based text data: text/html
>     <html>\r\n
>     <head><title>301 Moved Permanently</title></head>\r\n
>     <body bgcolor="white">\r\n
>     <center><h1>301 Moved Permanently</h1></center>\r\n
>     <hr><center>nginx/0.8.34</center>\r\n
>     </body>\r\n
>     </html>\r\n
>
>
> Because mod_proxy will always escape ~ into %7E this will quickly lead
> to an infinite redirect loop (luckily most applications will get the
> hint quickly).
>
> I dug into why this is and came up with the following message:
> http://marc.info/?l=apache-bugdb&m=99926707930303&w=2
>
> Digging further I even found a commit to the Apache 2.2 branch:
> http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/proxy_util.c?view=log&pathrev=571456
>
> However, when I looked for a similar change in Apache 2.0.64 I notice
> it was not present
> http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/modules/proxy/proxy_util.c?revision=563329&view=markup
> line 137
>
> I assume it just never got back-ported.
>
> I went to file a bug on the Apache website, but it suggested I ping
> this mailing list first (http://httpd.apache.org/bug_report.html)
>
> While Zappos' redirection is non-standard, forcing the URLEncoding of
> the tilde character is not in keeping with RFC 2396 which supersedes
> RFC 1738 and specifically states:
>
> 2.3. Unreserved Characters
>
>    Data characters that are allowed in a URI but do not have a reserved
>    purpose are called unreserved.  These include upper and lower case
>    letters, decimal digits, and a limited set of punctuation marks and
>    symbols.
>
>       unreserved  = alphanum | mark
>
>       mark        = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"
>
>    Unreserved characters can be escaped without changing the semantics
>    of the URI, but this should not be done unless the URI is being used
>    in a context that does not allow the unescaped character to appear.
>
> There for, I would recommend a similar change to Apache 2.0.x's
> proxy_util.c in keeping with Apache 2.2.x's revision 571436.
>
> Specifically, line 137, which reads:
>
>     allowed = "$-_.+!*'(),;:@&=";
>
> should read:
>
>     allowed = "~$-_.+!*'(),;:@&=";
>
> Thank you for your time.
>
>   


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message