From: Ruediger Pluem Date: Sun, 10 May 2009 15:06:26 +0000 (+0000) Subject: Merge r757427 from trunk: X-Git-Tag: 2.2.12~136 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b80221687b730b2b7208d9e5fc993566dbd05297;p=thirdparty%2Fapache%2Fhttpd.git Merge r757427 from trunk: * modules/mappers/mod_rewrite.c (apply_rewrite_rule): When evaluating a proxy rule in directory context, do escape the filename by default, since mod_proxy will not escape in that case due to the (deliberate) fixup hook ordering. Thanks to: rpluem PR: 46428 Submitted by: jorton Reviewed by: rpluem, jim, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@773351 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 5fecdafcee1..4900abb56ac 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,9 @@ Changes with Apache 2.2.12 mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. PR 46949 [Ruediger Pluem] + *) mod_rewrite: When evaluating a proxy rule in directory context, do + escape the filename by default. PR 46428 [Joe Orton] + *) mod_proxy_ajp: Check more strictly that the backend follows the AJP protocol. [Mladen Turk] diff --git a/STATUS b/STATUS index 47c368fba5a..372f09072bf 100644 --- a/STATUS +++ b/STATUS @@ -87,14 +87,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_rewrite: Correctly encode spaces in proxied requests issued by rewrite - rules in directory context. PR 46428 - Trunk version of patch: - http://svn.apache.org/viewvc?rev=757427&view=rev - Backport version for 2.2.x of patch: - http://people.apache.org/~rpluem/patches/46428_2.2.x.diff - +1: rpluem, jim, wrowe - * mod_include: Prevent a case of SSI timefmt-smashing with filter chains including multiple INCLUDES filters Trunk version of patch: diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index 9bc4f2ee5f5..90da5ed94b1 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -3921,7 +3921,20 @@ static int apply_rewrite_rule(rewriterule_entry *p, rewrite_ctx *ctx) * ourself). */ if (p->flags & RULEFLAG_PROXY) { - /* PR#39746: Escaping things here gets repeated in mod_proxy */ + /* For rules evaluated in server context, the mod_proxy fixup + * hook can be relied upon to escape the URI as and when + * necessary, since it occurs later. If in directory context, + * the ordering of the fixup hooks is forced such that + * mod_proxy comes first, so the URI must be escaped here + * instead. See PR 39746, 46428, and other headaches. */ + if (ctx->perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) { + char *old_filename = r->filename; + + r->filename = ap_escape_uri(r->pool, r->filename); + rewritelog((r, 2, ctx->perdir, "escaped URI in per-dir context " + "for proxy, %s -> %s", old_filename, r->filename)); + } + fully_qualify_uri(r); rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with %s",