diff options
| author | Yann Ylavic <ylavic@apache.org> | 2020-06-24 14:11:08 +0200 |
|---|---|---|
| committer | Yann Ylavic <ylavic@apache.org> | 2020-06-24 14:11:08 +0200 |
| commit | eb24229d58bbb90ed6d19f4e5fc77011b4a7198d (patch) | |
| tree | 965bb74e3ba4acd8db46b2a1e9f6e5ff4630115b /server/request.c | |
| parent | Follow up to r1879080: replace ProxyUseOriginalURI by mapping=encoded. (diff) | |
| download | apache2-eb24229d58bbb90ed6d19f4e5fc77011b4a7198d.tar.xz apache2-eb24229d58bbb90ed6d19f4e5fc77011b4a7198d.zip | |
Follow up to r1879079: fail early if URI path resolves above root.
Don't let it through as "/".
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1879147 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'server/request.c')
| -rw-r--r-- | server/request.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/server/request.c b/server/request.c index 4ba347ae40..4d1f4cb11c 100644 --- a/server/request.c +++ b/server/request.c @@ -192,15 +192,16 @@ AP_DECLARE(int) ap_process_request_internal(request_rec *r) int file_req = (r->main && r->filename); core_server_config *sconf = ap_get_core_module_config(r->server->module_config); - unsigned int normalize_flags = 0; + unsigned int normalize_flags; + normalize_flags = AP_NORMALIZE_NOT_ABOVE_ROOT; + if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) { + normalize_flags |= AP_NORMALIZE_MERGE_SLASHES; + } if (file_req) { /* File subrequests can have a relative path. */ normalize_flags |= AP_NORMALIZE_ALLOW_RELATIVE; } - if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) { - normalize_flags |= AP_NORMALIZE_MERGE_SLASHES; - } if (r->parsed_uri.path) { /* Normalize: remove /./ and shrink /../ segments, plus |