[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-bugdb
Subject: mod_proxy/8277: URI escaping in the proxy module
From: Tor Jonsson <tor.jonsson () vd ! volvo ! se>
Date: 2001-08-31 14:05:32
[Download RAW message or body]
> Number: 8277
> Category: mod_proxy
> Synopsis: URI escaping in the proxy module
> Confidential: no
> Severity: non-critical
> Priority: medium
> Responsible: apache
> State: open
> Quarter:
> Keywords:
> Date-Required:
> Class: change-request
> Submitter-Id: apache
> Arrival-Date: Fri Aug 31 07:10:00 PDT 2001
> Closed-Date:
> Last-Modified:
> Originator: tor.jonsson@vd.volvo.se
> Release: 1.3.20
> Organization:
apache
> Environment:
Any
> Description:
When setting up the Apache as a reverse proxy against a server the proxy module
escapes the tilde ~ character in the URI. Rfc2396 states that this escaping
is not required.
Some applications I try to reach through the reverse proxy doesn't unescape the URI \
properly (Stupid applications running on IIS). I know this is a bug in the target \
server to not unescape the URI but since this workaround complies with the rfc I \
think it should be implemented.
> How-To-Repeat:
httpd.conf
ServerName myreverseproxy.com
ProxyPass / http://mytarget.com/
ProxyPassReverse / http://mytarget.com/
Original request:
http://myreverseproxy.com/test/~blaha
This will render in:
http://mytarget.com/test/%7Eblaha
> Fix:
Add the tilde character to allowed characters in function ap_proxy_canonenc in \
proxy_util.c
> Release-Note:
> Audit-Trail:
> Unformatted:
[In order for any reply to be added to the PR database, you need]
[to include <apbugs@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or ]
["Re: general/1098:"). If the subject doesn't match this ]
[pattern, your message will be misfiled and ignored. The ]
["apbugs" address is not added to the Cc line of messages from ]
[the database automatically because of the potential for mail ]
[loops. If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request from a ]
[developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic