author | Eric Covener <covener@apache.org> | 2023-03-05 21:27:11 +0100 |
---|---|---|
committer | Eric Covener <covener@apache.org> | 2023-03-05 21:27:11 +0100 |
commit | d78a166fedd9d02c23e4b71d5f53bd9b2c4b9a51 (patch) | |
tree | c5344f698d084adf942c4def743b5d4b8f7772f8 /modules/mappers | |
parent | *) mod_md: (diff) | |
don't forward invalid query strings
Submitted by: rpluem
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1908095 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/mappers')
-rw-r--r-- | modules/mappers/mod_rewrite.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
index 94aefc9c20..a315b84b32 100644
--- a/modules/mappers/mod_rewrite.c
+++ b/modules/mappers/mod_rewrite.c
@@ -4794,6 +4794,17 @@ static int hook_uri2file(request_rec *r)
 apr_size_t flen;
 int to_proxyreq;
+ if (r->args && *(ap_scan_vchar_obstext(r->args))) {
+ /*
+ * We have a raw control character or a ' ' in r->args.
+ * Correct encoding was missed.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10410)
+ "Rewritten query string contains control "
+ "characters or spaces");
+ return HTTP_FORBIDDEN;
+ }
+
 if (ACTION_STATUS == rulestatus) {
 int n = r->status;
@@ -5092,6 +5103,17 @@ static int hook_fixup(request_rec *r)
 if (rulestatus) {
 unsigned skip;
+ if (r->args && *(ap_scan_vchar_obstext(r->args))) {
+ /*
+ * We have a raw control character or a ' ' in r->args.
+ * Correct encoding was missed.
+ */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10411)
+ "Rewritten query string contains control "
+ "characters or spaces");
+ return HTTP_FORBIDDEN;
+ }
+
 if (ACTION_STATUS == rulestatus) {
 int n = r->status; |
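Review bot: The guard added to hook_uri2file validates only `r->args`; nothing in the visible lines applies the same test to the rewritten path, so a raw space or control character that a substitution leaves in the path part would presumably still get past this point. If the path is validated somewhere else before the request is forwarded, the comment should name that place, for example `* Only r->args is checked here; the path is validated in <function name, to be filled in>.` The comment would also be more useful to the next maintainer if it said why the request is refused rather than re-encoded, e.g. `* Refuse instead of re-encoding: we cannot tell which bytes the rule author meant literally.` The function body starts and ends outside the hunk, so how `r->args` is used afterwards is not visible here.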
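Review bot: The block added to hook_fixup is a verbatim copy of the one added to hook_uri2file, differing only in the APLOGNO value, so the two hooks can drift apart if the accepted character set is ever changed in one place. A small file-local predicate would keep them in step while each call site keeps its own log line and number: `static int args_have_ctl_or_space(const request_rec *r) { return r->args && *(ap_scan_vchar_obstext(r->args)); }`. The log message names neither the hook nor the request URI, so an operator triaging AH10410 against AH10411 has only the number to go on; a short comment at each call site saying which context (per-server or per-directory) produced it would help. The surrounding `if (rulestatus)` block continues outside the hunk.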