Re: [users@httpd] mod_rewrite & mod_proxy & %2F in URL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello.

As mentioned in my original post, this bugfix seems to make things worse for us.
We are using version 2.0.58 of apache and here are the most important informations:

Server version

# httpd -v
Server version: Apache/2.0.58
Server built:   Jun  6 2006 19:36:27

Apache config:

AllowEncodedSlashes On
RewriteEngine on
RewriteLog /var/log/apache/rewrite.log
RewriteLogLevel 1

RewriteRule /(.*)/MessagePart/(.*)/(.*)/(.*)-H.txt   http://127.0.0.1:8100/$1/MessagePart/$2\%2F$3/$4-H.txt [P]

Apache rewrite log:

10.198.1.66 - - [15/Jun/2006:10:49:43 +0200] [server.domain.de/sid#812ad30][rid#81c98b8/initial] (1) go-ahead with proxy request
proxy:http://127.0.0.1:8100/Session/352-Vyf3CmUK308Bl17cGGOR/MessagePart/INBOX%2FArchiv/1012-H.txt [OK]

Mailserver log:

10:49:43.33 4 HTTPU-70655([127.0.0.1]) got connection on [127.0.0.1:8100](domain.de) from [127.0.0.1:41611]
10:49:43.33 4 HTTPU-70655([127.0.0.1]) Request for /Session/352-Vyf3CmUK308Bl17cGGOR/MessagePart/INBOX%252FArchiv/1012-H.txt

I don't know exactly why this happens but it's quite hard for me to understand.
It seems as if in earlier apache versions the mod_proxy rewrote the passed URL
twice. First it fixed %2F to %252F and afterwards back to %2F. The bugfix now
seems to jump over the second rewrite and we are left with %252F.

As I'm building apache from scratch I'll have the possibility to add further debug
messages to get closer to the origin of the problem. But you must tell me where
to start. So far we are working with the following fixed lines in mod_proxy:

/* decode it if not already done
 *      if (isenc && (isenc != PROXYREQ_REVERSE) && (ch == '%')) { */
        if (isenc && ch == '%') {

These is just the reversion of the lines in Bugzilla PR 15207. This helps us to
work correctly until now.

Best regards.

Markus Stockhausen
On Thu, 15 Jun 2006 08:31:17 +0200
 Axel-Stéphane  SMORGRAV <Axel-Stephane.SMORGRAV@xxxxxxxxxxxxxx> wrote:
Good job. This suddenly rang a bell.

Check Bugzilla PR 15207 and upgrade to Apache 2.0.58 (or at least some version >= 2.0.55)

-ascs
-----Original Message-----
From: Markus Stockhausen [mailto:markus.stockhausen@xxxxxxxxxxx] Sent: Wednesday, June 14, 2006 8:59 PM
To: Axel-Stéphane SMORGRAV; users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] mod_rewrite & mod_proxy & %2F in URL

Hello.

Thanks a lot for your tip but I think this will not help in our case.
I was not able to test if the switch works but your explanation gives me the hint that it takes place in the mod_rewrite part and not in the mod_proxy part. To bring it back into mind.
I guess the modules work this way:

step 1: mod_rewrite: .../... -> ...%2F...
step 2: mod_proxy: ...%2F... -> ...%252F...
step 3: mod_proxy: ...%252F... -> ...%2F...

This assumption is based on the rewrite log of apache:

192.168.10.96 - -
[07/Jun/2006:10:24:06 +0200]
[host.domain.de/sid#812ad30]
[rid#8229780/initial] (1) go-ahead with proxy request proxy:http://127.0.0.1:8100/Session/29-w7ljxma6GuREB5fEEyyZ/MessagePart/SPAM%2FDetected/23323-H.txt [OK]
1

As you can see the %2F sequence is passed to mod_proxy correctly. So I need the opportunity to switch of escaping in mod_proxy.

Nevertheless I will try it the next days.

Best regards.

Markus Stockhausen


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux