On Thu, 2008-10-02 at 09:19 +0100, Tom Evans wrote:
> On Wed, 2008-10-01 at 09:49 -0500, Justin Pasher wrote:
> > Tom Evans wrote:
> > > Hi all.
> > >
> > > I'm encountering a problem with using mod_rewrite in httpd 2.2.9 to
> > > canonicalize the server name. The problem is that the query string seems
> > > to be double escaped by this process. Here is a sample vhost that
> > > triggers the issue:
> > >
> > > <VirtualHost *:80>
> > > ServerName sweetums
> > > ServerAlias foofoo
> > >
> > > DocumentRoot /data2/development/www/sweetums
> > > <Directory /data2/development/www/sweetums>
> > > Order allow,deny
> > > Allow from all
> > > </Directory>
> > >
> > > RewriteEngine On
> > >
> > > RewriteCond %{HTTP_HOST} !^sweetums$
> > > RewriteRule ^/(.*) http://sweetums/$1 [R=301,L,QSA]
> > >
> > > </VirtualHost>
> > >
> > > So, with this configuration, a request for http://foofoo/bar is
> > > correctly rewritten to http://sweetums/bar , however a request for
> > > http://foofoo/bar?and=grill%25 would be incorrectly rewritten to
> > > http://sweetums/bar?and=grill%2525 .
> > >
> > > Is there any way to prevent this behaviour, or perhaps a better form of
> > > host canonicalization?
> > >
> > > Cheers
> > >
> > > Tom
> >
> > Try removing the QSA flag from the RewriteRule. It should only be needed
> > when you are modifying the query string (which you are not).
>
> Doesn't modify the behaviour. Did a bit more searching around the
> archives, this was first reported as a bug in 2000 [1], and has never
> been fixed, so there must be a reason for it. Are there any modules that
> will allow me to do host name canonicalization safely?
>
> Cheers
>
> Tom
>
> [1] http://archive.apache.org/gnats/6042
Following up my own email, for the archive, the solution was to add flag
NE to the RewriteRule.
Cheers
Tom
Attachment:
signature.asc
Description: This is a digitally signed message part
|