diff options
author | Eric Covener <covener@apache.org> | 2023-03-11 21:57:52 +0100 |
---|---|---|
committer | Eric Covener <covener@apache.org> | 2023-03-11 21:57:52 +0100 |
commit | 07b802c934b841d376733a3e2ecfa55f6b0ee994 (patch) | |
tree | da3b226d1486721607b7d41ef0efa442d8f5880f | |
parent | fr doc rebuild. (diff) | |
download | apache2-07b802c934b841d376733a3e2ecfa55f6b0ee994.tar.xz apache2-07b802c934b841d376733a3e2ecfa55f6b0ee994.zip |
allow decoded chars when they will be escaped
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908296 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | changes-entries/rewrite-escape.diff | 3 | ||||
-rw-r--r-- | modules/mappers/mod_rewrite.c | 45 |
2 files changed, 30 insertions, 18 deletions
diff --git a/changes-entries/rewrite-escape.diff b/changes-entries/rewrite-escape.diff new file mode 100644 index 0000000000..691adaba05 --- /dev/null +++ b/changes-entries/rewrite-escape.diff @@ -0,0 +1,3 @@ + *) mod_rewrite: Re-allow some proxy and redirect substitutions flagged as + 403 errors in 2.4.56. [Eric Covener] + diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index 97c0413fdb..2872e34006 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -4810,14 +4810,19 @@ static int hook_uri2file(request_rec *r) } if (rulestatus) { - unsigned skip; - apr_size_t flen; - int to_proxyreq; - - if (r->args && *(ap_scan_vchar_obstext(r->args))) { + unsigned skip_absolute = is_absolute_uri(r->filename, NULL); + apr_size_t flen = r->filename ? strlen(r->filename) : 0; + int to_proxyreq = (flen > 6 && strncmp(r->filename, "proxy:", 6) == 0); + int will_escape = (to_proxyreq || skip_absolute) + && (rulestatus != ACTION_NOESCAPE); + + if (r->args + && !will_escape + && *(ap_scan_vchar_obstext(r->args))) { /* * We have a raw control character or a ' ' in r->args. - * Correct encoding was missed. + * Correct encoding was missed and we're not going to escape + * it before returning. */ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10410) "Rewritten query string contains control " @@ -4832,9 +4837,6 @@ static int hook_uri2file(request_rec *r) return n; } - flen = r->filename ? strlen(r->filename) : 0; - to_proxyreq = (flen > 6 && strncmp(r->filename, "proxy:", 6) == 0); - /* If a pre_trans reverse "proxy:" filename gets rewritten to * a non-proxy one this is not a proxy request anymore. */ @@ -4887,7 +4889,7 @@ static int hook_uri2file(request_rec *r) r->filename); return OK; } - else if ((skip = is_absolute_uri(r->filename, NULL)) > 0) { + else if (skip_absolute > 0) { int n; /* it was finally rewritten to a remote URL */ @@ -4895,7 +4897,7 @@ static int hook_uri2file(request_rec *r) if (rulestatus != ACTION_NOESCAPE) { rewritelog(r, 1, NULL, "escaping %s for redirect", r->filename); - r->filename = escape_absolute_uri(r->pool, r->filename, skip); + r->filename = escape_absolute_uri(r->pool, r->filename, skip_absolute); } /* append the QUERY_STRING part */ @@ -5121,9 +5123,17 @@ static int hook_fixup(request_rec *r) */ rulestatus = apply_rewrite_list(r, dconf->rewriterules, dconf->directory); if (rulestatus) { - unsigned skip; + unsigned skip_absolute = is_absolute_uri(r->filename, NULL); + int to_proxyreq = 0; + int will_escape = 0; - if (r->args && *(ap_scan_vchar_obstext(r->args))) { + l = strlen(r->filename); + to_proxyreq = l > 6 && strncmp(r->filename, "proxy:", 6) == 0; + will_escape = skip_absolute && (rulestatus != ACTION_NOESCAPE); + + if (r->args + && !will_escape + && *(ap_scan_vchar_obstext(r->args))) { /* * We have a raw control character or a ' ' in r->args. * Correct encoding was missed. @@ -5141,8 +5151,7 @@ static int hook_fixup(request_rec *r) return n; } - l = strlen(r->filename); - if (l > 6 && strncmp(r->filename, "proxy:", 6) == 0) { + if (to_proxyreq) { /* it should go on as an internal proxy request */ /* check if the proxy module is enabled, so @@ -5176,7 +5185,7 @@ static int hook_fixup(request_rec *r) "%s [OK]", r->filename); return OK; } - else if ((skip = is_absolute_uri(r->filename, NULL)) > 0) { + else if (skip_absolute > 0) { /* it was finally rewritten to a remote URL */ /* because we are in a per-dir context @@ -5185,7 +5194,7 @@ static int hook_fixup(request_rec *r) */ if (dconf->baseurl != NULL) { /* skip 'scheme://' */ - cp = r->filename + skip; + cp = r->filename + skip_absolute; if ((cp = ap_strchr(cp, '/')) != NULL && *(++cp)) { rewritelog(r, 2, dconf->directory, @@ -5230,7 +5239,7 @@ static int hook_fixup(request_rec *r) if (rulestatus != ACTION_NOESCAPE) { rewritelog(r, 1, dconf->directory, "escaping %s for redirect", r->filename); - r->filename = escape_absolute_uri(r->pool, r->filename, skip); + r->filename = escape_absolute_uri(r->pool, r->filename, skip_absolute); } /* append the QUERY_STRING part */ |