Fix RedirectMatch so it won't emit invalid Location fields.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@93134 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/src/CHANGES b/src/CHANGES
index 74282654806c3fda1da724590763dc9e6e86be0f..4e0f37621e494d79bbefb433c8bcc86db70d1fea 100644 (file)
--- a/src/CHANGES
+++ b/src/CHANGES
@@ -1,5 +1,11 @@
 Changes with Apache 1.3.24
 
+  *) The Location: response header field, used for external
+     redirect, *must* be an absoluteURI.  The Redirect directive
+     tested for that, but RedirectMatch didn't -- it would allow
+     almost anything through.  Now it, too, will correctly varf
+     if the redirection target isn't an absoluteURI.  [Ken Coar]
+
   *) apxs: fix bug that prevented -S option from containing quotes.
      [Ben Laurie]
 

diff --git a/src/modules/standard/mod_alias.c b/src/modules/standard/mod_alias.c
index 3d31d43c8f4cd95a5363c23150132196f3647929..f6ae1bcc5c8b4a4211d021ff7ea697f58d68225d 100644 (file)
--- a/src/modules/standard/mod_alias.c
+++ b/src/modules/standard/mod_alias.c
@@ -66,6 +66,7 @@
 
 #include "httpd.h"
 #include "http_config.h"
+#include "http_log.h"
 
 typedef struct {
     char *real;
@@ -391,8 +392,18 @@ static int fixup_redir(request_rec *r)
     /* It may have changed since last time, so try again */
 
     if ((ret = try_alias_list(r, dirconf->redirects, 1, &status)) != NULL) {
-       if (ap_is_HTTP_REDIRECT(status))
-           ap_table_setn(r->headers_out, "Location", ret);
+        if (ap_is_HTTP_REDIRECT(status)) {
+            if (!ap_is_url(ret)) {
+                status = HTTP_INTERNAL_SERVER_ERROR;
+                ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, r,
+                              "cannot redirect '%s' to '%s'; "
+                              "target is not a valid absoluteURI",
+                              r->uri, ret);
+            }
+            else {
+                ap_table_setn(r->headers_out, "Location", ret);
+            }
+        }
        return status;
     }