From: Eric Covener <covener@apache.org>
Date: Tue, 15 Mar 2016 14:57:46 +0000 (+0000)
Subject: [PATCH] mod_rewrite: double escaping of query strings in server context
X-Git-Tag: 2.5.0-alpha~1898
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c1922e4d0c6472e3debe38d321697788c15b04d6;p=apache

[PATCH] mod_rewrite: double escaping of query strings in server context
(like PR50447, for server context)

Submitted By: Evgeny Kotkov <evgeny.kotkov visualsvn.com>
Committed By: covener




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735088 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index e76fdbdad9..71f00dce7d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_rewrite: Don't implicitly URL-escape the original query string
+     when no substitution has changed it (like PR50447 but server context)
+     [Evgeny Kotkov <evgeny.kotkov visualsvn.com>]
+
   *) core: New CGIVar directive can configure REQUEST_URI to represent the
      current URI being processed instead of always the original request.
      [Jeff Trawick]
diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
index 44ad8c6ae5..fc7e8e4ca9 100644
--- a/modules/mappers/mod_rewrite.c
+++ b/modules/mappers/mod_rewrite.c
@@ -4548,6 +4548,7 @@ static int hook_uri2file(request_rec *r)
     unsigned int port;
     int rulestatus;
     void *skipdata;
+    const char *oargs;
 
     /*
      *  retrieve the config structures
@@ -4597,6 +4598,12 @@ static int hook_uri2file(request_rec *r)
         return DECLINED;
     }
 
+    /*
+     *  remember the original query string for later check, since we don't
+     *  want to apply URL-escaping when no substitution has changed it.
+     */
+    oargs = r->args;
+
     /*
      *  add the SCRIPT_URL variable to the env. this is a bit complicated
      *  due to the fact that apache uses subrequests and internal redirects
@@ -4731,11 +4738,21 @@ static int hook_uri2file(request_rec *r)
 
             /* append the QUERY_STRING part */
             if (r->args) {
+                char *escaped_args = NULL;
+                int noescape = (rulestatus == ACTION_NOESCAPE ||
+                                (oargs && !strcmp(r->args, oargs)));
+
                 r->filename = apr_pstrcat(r->pool, r->filename, "?",
-                                          (rulestatus == ACTION_NOESCAPE)
+                                          noescape
                                             ? r->args
-                                            : ap_escape_uri(r->pool, r->args),
+                                            : (escaped_args =
+                                               ap_escape_uri(r->pool, r->args)),
                                           NULL);
+
+                rewritelog((r, 1, NULL, "%s %s to query string for redirect %s",
+                            noescape ? "copying" : "escaping",
+                            r->args ,
+                            noescape ? "" : escaped_args));
             }
 
             /* determine HTTP redirect response code */