mod_proxy_ajp: Avoid delivering content from a previous request which
failed to send a request body. PR 46949 [Ruediger Pluem]
+ *) mod_rewrite: When evaluating a proxy rule in directory context, do
+ escape the filename by default. PR 46428 [Joe Orton]
+
*) mod_proxy_ajp: Check more strictly that the backend follows the AJP
protocol. [Mladen Turk]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_rewrite: Correctly encode spaces in proxied requests issued by rewrite
- rules in directory context. PR 46428
- Trunk version of patch:
- http://svn.apache.org/viewvc?rev=757427&view=rev
- Backport version for 2.2.x of patch:
- http://people.apache.org/~rpluem/patches/46428_2.2.x.diff
- +1: rpluem, jim, wrowe
-
* mod_include: Prevent a case of SSI timefmt-smashing with filter chains
including multiple INCLUDES filters
Trunk version of patch:
* ourself).
*/
if (p->flags & RULEFLAG_PROXY) {
- /* PR#39746: Escaping things here gets repeated in mod_proxy */
+ /* For rules evaluated in server context, the mod_proxy fixup
+ * hook can be relied upon to escape the URI as and when
+ * necessary, since it occurs later. If in directory context,
+ * the ordering of the fixup hooks is forced such that
+ * mod_proxy comes first, so the URI must be escaped here
+ * instead. See PR 39746, 46428, and other headaches. */
+ if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) {
+ char *old_filename = r->filename;
+
+ r->filename = ap_escape_uri(r->pool, r->filename);
+ rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir context "
+ "for proxy, %s -> %s", old_filename, r->filename));
+ }
+
fully_qualify_uri(r);
rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with %s",
projects / thirdparty / apache / httpd.git / commitdiff
