* In the reverse proxy case when we only want to keep encoded slashes untouched

  we can have decoded '%''s in the URI that got sent to us in the original URL
  as %25. Don't error out in this case but just fall through and have them
  encoded to %25 when forwarding to the backend.

PR: 66580

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1909464 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/changes-entries/pr66580.txt b/changes-entries/pr66580.txt
new file mode 100644 (file)
index 0000000..f011fe7
--- /dev/null
+++ b/changes-entries/pr66580.txt
@@ -0,0 +1,3 @@
+  *) mod_proxy: In case that AllowEncodedSlashes is set to NoDecode do not
+     fail on literal '%' when doing the encoding of the backend URL.
+     PR 66580 [Ruediger Pluem]

diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
index 439e4193708d89b949927c5751b3f5e7cfb745fd..614cdabb3531eefd74b96d560460ce5bd46fc2a6 100644 (file)
--- a/modules/proxy/proxy_util.c
+++ b/modules/proxy/proxy_util.c
@@ -260,26 +260,36 @@ PROXY_DECLARE(char *)ap_proxy_canonenc_ex(apr_pool_t *p, const char *x, int len,
  */
         if ((forcedec || noencslashesenc
             || (proxyreq && proxyreq != PROXYREQ_REVERSE)) && ch == '%') {
-            if (!apr_isxdigit(x[i + 1]) || !apr_isxdigit(x[i + 2])) {
-                return NULL;
-            }
-            ch = ap_proxy_hex2c(&x[i + 1]);
-            if (ch != 0 && strchr(reserved, ch)) {  /* keep it encoded */
-                y[j++] = x[i++];
-                y[j++] = x[i++];
-                y[j] = x[i];
-                continue;
-            }
-            if (noencslashesenc && !forcedec && (proxyreq == PROXYREQ_REVERSE)) {
-                /*
-                 * In the reverse proxy case when we only want to keep encoded
-                 * slashes untouched revert back to '%' which will cause
-                 * '%' to be encoded in the following.
-                 */
-                ch = '%';
+            if (apr_isxdigit(x[i + 1]) && apr_isxdigit(x[i + 2])) {
+                ch = ap_proxy_hex2c(&x[i + 1]);
+                if (ch != 0 && strchr(reserved, ch)) {  /* keep it encoded */
+                    y[j++] = x[i++];
+                    y[j++] = x[i++];
+                    y[j] = x[i];
+                    continue;
+                }
+                if (noencslashesenc && !forcedec && (proxyreq == PROXYREQ_REVERSE)) {
+                    /*
+                     * In the reverse proxy case when we only want to keep encoded
+                     * slashes untouched revert back to '%' which will cause
+                     * '%' to be encoded in the following.
+                     */
+                    ch = '%';
+                }
+                else {
+                    i += 2;
+                }
             }
-            else {
-                i += 2;
+            /*
+             * In the reverse proxy case when we only want to keep encoded
+             * slashes untouched we can have decoded '%''s in the URI that got
+             * sent to us in the original URL as %25.
+             * Don't error out in this case but just fall through and have them
+             * encoded to %25 when forwarding to the backend.
+             */
+            else if (!noencslashesenc || forcedec
+                     || (proxyreq && proxyreq != PROXYREQ_REVERSE)) {
+                return NULL;
             }
         }
 /* recode it, if necessary */