Fix RedirectMatch so it won't emit invalid Location fields.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93137 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 3550661f2e68f27fb47b7fcd06537b1d4735515a..a35f1ad07a3a66b8f435dfb603d83bd900e4f39d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,11 @@
 Changes with Apache 2.0.32-dev
 
+  *) The Location: response header field, used for external
+     redirect, *must* be an absoluteURI.  The Redirect directive
+     tested for that, but RedirectMatch didn't -- it would allow
+     almost anything through.  Now it, too, will correctly varf
+     if the redirection target isn't an absoluteURI.  [Ken Coar]
+
 Changes with Apache 2.0.31
 
   *) Add a timeout option to the proxy code 'ProxyTimeout' 

diff --git a/modules/mappers/mod_alias.c b/modules/mappers/mod_alias.c
index 7a3719bde25cd6d4f73d7b6ca936735f5cc0d480..d79917c16a86ec913f763cfd60f40bbe22003a2d 100644 (file)
--- a/modules/mappers/mod_alias.c
+++ b/modules/mappers/mod_alias.c
@@ -74,6 +74,7 @@
 #include "httpd.h"
 #include "http_config.h"
 #include "http_request.h"
+#include "http_log.h"
 
 
 typedef struct {
@@ -433,8 +434,18 @@ static int fixup_redir(request_rec *r)
     /* It may have changed since last time, so try again */
 
     if ((ret = try_alias_list(r, dirconf->redirects, 1, &status)) != NULL) {
-       if (ap_is_HTTP_REDIRECT(status))
-           apr_table_setn(r->headers_out, "Location", ret);
+        if (ap_is_HTTP_REDIRECT(status)) {
+            if (!ap_is_url(ret)) {
+                status = HTTP_INTERNAL_SERVER_ERROR;
+                ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
+                              "cannot redirect '%s' to '%s'; "
+                              "target is not a valid absoluteURI",
+                              r->uri, ret);
+            }
+            else {
+                apr_table_setn(r->headers_out, "Location", ret);
+            }
+        }
        return status;
     }