On 6/27/06, Lewis Hoffman <lewis@xxxxxxxxxxxxxxxx> wrote:
> Hello,
>
> I'm running a reverse proxy in apache-2.0.54
> For most urls, it's working great. However, some URI escape sequences cause
> 404s from apache. It seems as if they never get to the rewrite rule.
>
> For example, these two URLs:
> 1) http://wagon.grasscommons.org/c/wiki/new/thisthat
> 2) http://wagon.grasscommons.org/c/wiki/new/this%2Fthat
>
> access log entries for the two requests, respectively:
>
> 67.42.179.239 - - [27/Jun/2006:15:13:49 -0700] "GET /c/wiki/new/thisthat
> HTTP/1.1" 200 2404 "-" "Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US;
> rv: 1.8.0.3) Gecko/20060326 Firefox/1.5.0.3 (Debian-1.5.dfsg+1.5.0.3-2)"
> 67.42.179.239 - - [27/Jun/2006:15:13:20 -0700] "GET /c/wiki/new/this%2Fthat
> HTTP/1.1" 404 218 "-" "Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US;
> rv:1.8.0.3) Gecko/20060326 Firefox/1.5.0.3 (Debian-1.5.dfsg+1.5.0.3-2)"
Try this:
http://httpd.apache.org/docs/2.0/mod/core.html#allowencodedslashes
Encoded slashes are not allowed by default because they can be used to
trick some scripts into disclosing protected content. (Although that
seems like a pretty weak explanation to me. Lot's of other characters
cause potential problems.)
Joshua.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|