« Previous | Next » 

Revision 2362

Added by stbuehler about 7 years ago

Revert url decoding+simplifying before matching of mod_rewrite/mod_redirect

- Lot of regressions (we forgot to reencode the result)
- Generic problem: after decode and rewrite "a?b?c": which '?' was the path?query seperator?
- Possible solution: only decode printable characters (without '?'), and encode the result; do not encode the '%' of a not decoded character.
- Still a problem with path simplifying, it seems many people use urls like this: http://server1/http%3a//server2/xxx
and rewrite the path into the querystring.
- Probably only usable with an extra config option
=> Do NOT use rewrite/redirect to protect specific urls.


  • added
  • modified
  • copied
  • renamed
  • deleted

View differences