Fix the handling of URIs containing %2F when AllowEncodedSlashes

is enabled.  Previously, such urls would still be rejected with
404.

(original CHANGES entry tweaked to remove mention of status code;
404 is what you get with AllowEncodedSlashes Off, but with the
broken AllowEncodedSlashes On processing you actually got 400)

Submitted by:	trawick, stoddard
Reviewed by:	clar

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@105196 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index de21478aec446c939d5cdff016ee0642e870ea06..9ccaf727b4cb2abcb123d687ca6f5ab06583a2c3 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,9 @@
 Changes with Apache 2.0.52
 
+  *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
+     is enabled.  Previously, such urls would still be rejected.
+     [Jeff Trawick, Bill Stoddard]
+
   *) mod_mem_cache: Fixed race condition causing segfault because of memory being
      freed twice, or reused after being freed.
      [J. Clar, W. Stoddard, G. Ames]

diff --git a/STATUS b/STATUS
index 6b15e5002c03149d4605334f1201b9cebf8a7a58..0f0b5fddbd0da5e9c24ea8f9071c3d3f785c3f0f 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,5 +1,5 @@
 APACHE 2.0 STATUS:                                              -*-text-*-
-Last modified at [$Date: 2004/09/17 15:28:07 $]
+Last modified at [$Date: 2004/09/18 00:43:59 $]
 
 Release:
 
@@ -113,12 +113,6 @@ PATCHES TO BACKPORT FROM 2.1
        jorton: ssl_var_lookup() returns "" in place of NULL, that was really
           a deliberate choice... but maybe you're right.
 
-    *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
-       is enabled.  Previously, such urls would still be rejected with
-       404.
-         server/util.c: r1.148, r1.149
-       +1: trawick, stoddard, clar
-
     *) Remove LDAP toolkit specific code from util_ldap and mod_auth_ldap.
          modules/experimental/mod_auth_ldap.c: 1.28
          modules/experimental/util_ldap.c: 1.36

diff --git a/server/util.c b/server/util.c
index b7070241321492d53ecac304b333be68164be5b7..06ba8d1598a63094524c377b93c155742900b2d0 100644 (file)
--- a/server/util.c
+++ b/server/util.c
@@ -1628,16 +1628,12 @@ AP_DECLARE(int) ap_unescape_url_keep2f(char *url)
             else {
                 char decoded;
                 decoded = x2c(y + 1);
-                if (IS_SLASH(decoded)) {
-                    *x++ = *y++;
-                    *x = *y;
+                if (decoded == '\0') {
+                    badpath = 1;
                 }
                 else {
                     *x = decoded;
                     y += 2;
-                    if (decoded == '\0') {
-                        badpath = 1;
-                    }
                 }
             }
         }