diff options
author | Daniel Earl Poirier <poirier@apache.org> | 2011-03-16 17:45:25 +0100 |
---|---|---|
committer | Daniel Earl Poirier <poirier@apache.org> | 2011-03-16 17:45:25 +0100 |
commit | fdaaf209c5cfb8ef0c8b3a173b9c3d1f053279dd (patch) | |
tree | ea15830024362cfaa325a76d5020954bb6e8fe5b /server/core.c | |
parent | * modules/ssl/ssl_engine_kernel.c (ssl_hook_ReadReq): Compare SNI (diff) | |
download | apache2-fdaaf209c5cfb8ef0c8b3a173b9c3d1f053279dd.tar.xz apache2-fdaaf209c5cfb8ef0c8b3a173b9c3d1f053279dd.zip |
core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
in request URL path info but not decode them. Change behavior of option
"On" to decode the encoded slashes as 2.0 and 2.2 do. PR 35256,
PR 46830.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1082196 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'server/core.c')
-rw-r--r-- | server/core.c | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/server/core.c b/server/core.c index f764df667a..6600df332e 100644 --- a/server/core.c +++ b/server/core.c @@ -169,6 +169,7 @@ static void *create_core_dir_config(apr_pool_t *a, char *dir) conf->enable_mmap = ENABLE_MMAP_UNSET; conf->enable_sendfile = ENABLE_SENDFILE_UNSET; conf->allow_encoded_slashes = 0; + conf->decode_encoded_slashes = 0; return (void *)conf; } @@ -372,6 +373,7 @@ static void *merge_core_dir_configs(apr_pool_t *a, void *basev, void *newv) } conf->allow_encoded_slashes = new->allow_encoded_slashes; + conf->decode_encoded_slashes = new->decode_encoded_slashes; if (new->log) { if (!conf->log) { @@ -2634,11 +2636,24 @@ static const char *set_timeout(cmd_parms *cmd, void *dummy, const char *arg) return NULL; } -static const char *set_allow2f(cmd_parms *cmd, void *d_, int arg) +static const char *set_allow2f(cmd_parms *cmd, void *d_, const char *arg) { core_dir_config *d = d_; - d->allow_encoded_slashes = arg != 0; + if (0 == strcasecmp(arg, "on")) { + d->allow_encoded_slashes = 1; + d->decode_encoded_slashes = 1; /* for compatibility with 2.0 & 2.2 */ + } else if (0 == strcasecmp(arg, "off")) { + d->allow_encoded_slashes = 0; + d->decode_encoded_slashes = 0; + } else if (0 == strcasecmp(arg, "nodecode")) { + d->allow_encoded_slashes = 1; + d->decode_encoded_slashes = 0; + } else { + return apr_pstrcat(cmd->pool, + cmd->cmd->name, " must be On, Off, or NoDecode", + NULL); + } return NULL; } @@ -3780,7 +3795,7 @@ AP_INIT_TAKE1("SetOutputFilter", ap_set_string_slot, AP_INIT_TAKE1("SetInputFilter", ap_set_string_slot, (void *)APR_OFFSETOF(core_dir_config, input_filters), OR_FILEINFO, "filter (or ; delimited list of filters) to be run on the request body"), -AP_INIT_FLAG("AllowEncodedSlashes", set_allow2f, NULL, RSRC_CONF, +AP_INIT_TAKE1("AllowEncodedSlashes", set_allow2f, NULL, RSRC_CONF, "Allow URLs containing '/' encoded as '%2F'"), /* scoreboard.c directives */ |