mod_dav: Fix invalid Location header when a resource is created by passing an

absolute URI on the request line.

Using r->unparsed_uri is wrong since it might contain a scheme, hostname and
port.  See section 5.1.2 of RFC 2616, an absolute URI is allowed.  The
unparsed_uri field is absolutely unparsed.  The current code causes the
Location header to end up having the scheme, host and port included twice.

* modules/dav/main/mod_dav.c
  (dav_created): Call ap_escape_uri() on r->uri when caller doesn't provide a
    location.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1592655 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c
index 93346250c16a6e476657d74990e30ab4b986380b..77a3b12a124dfe27794c9a1af518adb0a7c79364 100644 (file)
--- a/modules/dav/main/mod_dav.c
+++ b/modules/dav/main/mod_dav.c
@@ -611,7 +611,7 @@ static int dav_created(request_rec *r, const char *locn, const char *what,
     const char *body;
 
     if (locn == NULL) {
-        locn = r->unparsed_uri;
+        locn = ap_escape_uri(r->pool, r->uri);
     }
 
     /* did the target resource already exist? */