From: Rainer Jung Date: Fri, 19 Apr 2013 07:29:32 +0000 (+0000) Subject: mod_rewrite: When evaluating a proxy rule in directory context, X-Git-Tag: 2.0.65~46 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f92635f00701301a1bbc5f54286ea3d17d461aee;p=thirdparty%2Fapache%2Fhttpd.git mod_rewrite: When evaluating a proxy rule in directory context, do escape the filename by default, since mod_proxy will not escape in that case due to the (deliberate) fixup hook ordering. PR 46428 Backport of r757427 from trunk resp. r773351 from 2.2.x. Submitted by: jorton/rpluem Backported by: rjung Reviewed by: wrowe, humbedooh git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1469721 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 96cacd503ae..5f406119efd 100644 --- a/CHANGES +++ b/CHANGES @@ -28,6 +28,9 @@ Changes with Apache 2.0.65 is enabled, could allow local users to gain privileges via a .htaccess file. [Stefan Fritsch, Greg Ames] + *) mod_rewrite: When evaluating a proxy rule in directory context, do + escape the filename by default. PR 46428 [Joe Orton] + *) Improve platform detection for bundled PCRE by updating config.guess and config.sub. [Rainer Jung] diff --git a/STATUS b/STATUS index bc8eb88c527..bcef4929251 100644 --- a/STATUS +++ b/STATUS @@ -190,13 +190,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_rewrite: PR 46428 - whitespace/encoding for proxied URL - Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=757427 - 2.2.x patch: http://svn.apache.org/viewvc?view=revision&revision=773351 - Backport: http://people.apache.org/~rjung/patches/pr-46428-2_0.patch - Revert r1002110 and r1002161 in test framework, once this is fixed. - +1: rjung, wrowe, humbedooh - * mod_include: PR 39369 - timefmt config not working in SSI when using INCLUDES output filter and XBitHack On Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=757376 diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index dcbac539add..e26bb6ec30a 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -2203,6 +2203,20 @@ static int apply_rewrite_rule(request_rec *r, rewriterule_entry *p, * ourself). */ if (p->flags & RULEFLAG_PROXY) { + /* For rules evaluated in server context, the mod_proxy fixup + * hook can be relied upon to escape the URI as and when + * necessary, since it occurs later. If in directory context, + * the ordering of the fixup hooks is forced such that + * mod_proxy comes first, so the URI must be escaped here + * instead. See PR 39746, 46428, and other headaches. */ + if (perdir && (p->flags & RULEFLAG_NOESCAPE) == 0) { + char *old_filename = r->filename; + + r->filename = ap_escape_uri(r->pool, r->filename); + rewritelog(r, 2, "[per-dir %s] escaped URI in per-dir context " + "for proxy, %s -> %s", perdir, old_filename, r->filename); + } + fully_qualify_uri(r); if (perdir == NULL) { rewritelog(r, 2, "forcing proxy-throughput with %s", r->filename);