From: William A. Rowe Jr <wrowe@apache.org>
Date: Mon, 12 Sep 2016 20:15:26 +0000 (+0000)
Subject: Review of IE 11, Firefox 48 and Chrome 53 all indicate that ';' URI characters
X-Git-Tag: 2.5.0-alpha~1159
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=40538b21a31ecf06a424addb1be426954bf1f2cb;p=thirdparty%2Fapache%2Fhttpd.git

Review of IE 11, Firefox 48 and Chrome 53 all indicate that ';' URI characters
are transmitted unencoded, per RFC3986 section 3.3 grammer. Correct httpd's
behavior to not encode ';' in proxied URI's or Location: response headers.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760444 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 1cdbdb8da5b..d95aea46817 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) core: Permit unencoded ';' characters to appear in proxy requests and
+     Location: response headers. Corresponds to modern browser behavior.
+     [William Rowe]
+
   *) mpm_winnt: Prevent a denial of service when the 'data' AcceptFilter is in
      use by replacing it with the 'connect' filter. PR 59970. [Jacob Champion]
 
diff --git a/server/gen_test_char.c b/server/gen_test_char.c
index ae7e18a7c64..251e7fb2e32 100644
--- a/server/gen_test_char.c
+++ b/server/gen_test_char.c
@@ -113,7 +113,7 @@ int main(int argc, char *argv[])
             flags |= T_ESCAPE_PATH_SEGMENT;
         }
 
-        if (!apr_isalnum(c) && !strchr("$-_.+!*'(),:@&=/~", c)) {
+        if (!apr_isalnum(c) && !strchr("$-_.+!*'(),:;@&=/~", c)) {
             flags |= T_OS_ESCAPE_PATH;
         }