From ed03ddaa22bae733408101c20dd10fe1830db4de Mon Sep 17 00:00:00 2001
From: Graham Leggett <minfrin@apache.org>
Date: Sun, 26 Feb 2012 17:35:47 +0000
Subject: [PATCH] Backport: mod_session: Sessions are encoded as
 application/x-www-form-urlencoded strings, however we do not handle the
 encoding of spaces properly. Fixed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1293889 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES                       | 4 ++++
 STATUS                        | 5 -----
 modules/session/mod_session.c | 6 +++---
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/CHANGES b/CHANGES
index 0f35547792..acc1ab04be 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
 
 Changes with Apache 2.4.2
 
+  * mod_session: Sessions are encoded as application/x-www-form-urlencoded
+    strings, however we do not handle the encoding of spaces properly.
+    Fixed. [Graham Leggett]
+
   *) Configuration: Example in comment should use a path consistent
      with the default configuration. PR 52715.
      [Rich Bowen, Jens Schleusener, Rainer Jung]
diff --git a/STATUS b/STATUS
index 133a37368a..4845684f3f 100644
--- a/STATUS
+++ b/STATUS
@@ -88,11 +88,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  * mod_session: Sessions are encoded as application/x-www-form-urlencoded strings,
-    however we do not handle the encoding of spaces properly. Fixed.
-    Trunk patches: http://svn.apache.org/viewvc?rev=1293658&view=rev
-    2.4.x patch: Trunk patch works
-    +1: minfrin, trawick, sf
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]
diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
index 3e1275be17..e053619a3c 100644
--- a/modules/session/mod_session.c
+++ b/modules/session/mod_session.c
@@ -303,11 +303,11 @@ static int identity_concat(char *buffer, const char *key, const char *val)
         *slider = '&';
         slider++;
     }
-    ap_escape_path_segment_buffer(slider, key);
+    ap_escape_urlencoded_buffer(slider, key);
     slider += strlen(slider);
     *slider = '=';
     slider++;
-    ap_escape_path_segment_buffer(slider, val);
+    ap_escape_urlencoded_buffer(slider, val);
     return 1;
 }
 
@@ -384,7 +384,7 @@ static apr_status_t session_identity_decode(request_rec * r, session_rec * z)
             if (!val || !*val) {
                 apr_table_unset(z->entries, key);
             }
-            else if (!ap_unescape_all(key) && !ap_unescape_all(val)) {
+            else if (!ap_unescape_urlencoded(key) && !ap_unescape_urlencoded(val)) {
                 if (!strcmp(SESSION_EXPIRY, key)) {
                     z->expiry = (apr_time_t) apr_atoi64(val);
                 }
-- 
2.40.0