Received: (qmail 8764 invoked by uid 65534); 2 Feb 2000 20:11:57 -0000 Message-Id: <20000202201157.8763.qmail@locus.apache.org> Date: 2 Feb 2000 20:11:57 -0000 From: Bernhard Weisshuhn Reply-To: bkw@weisshuhn.de To: submit@bugz.apache.org Subject: unexpected behavior when '%2f' in path-info X-Send-Pr-Version: 3.110 >Number: 5687 >Category: protocol >Synopsis: unexpected behavior when '%2f' in path-info >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Feb 02 12:20:00 PST 2000 >Closed-Date: Fri Jun 13 15:02:09 PDT 2003 >Last-Modified: Fri Jun 13 15:02:09 PDT 2003 >Originator: bkw@weisshuhn.de >Release: 1.3.9 >Organization: >Environment: Sun Solaris, SunOS somesun 5.6 Generic_105181-11 sun4u sparc SUNW,Ultra-1, gcc 2.8.1 >Description: Using additional characters - including slashes - behind a script or document in a URL puts them into PATH_INFO, which is fine. I was quite surprised to see apache misinterpret the base64-encoding (%2f") of the slash character for a real slash, ending up in a 404. Just in case this is not a feature, I thought I'd let somebody know. >How-To-Repeat: http://www.apache.org/index.html/test/test => 200 http://www.apache.org/index.html/test%2ftest => 404 >Fix: Quickfix: mod_rewrite. Realfix: revisit url/path encoding/handling >Release-Note: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: coar State-Changed-When: Fri Jun 13 15:02:09 PDT 2003 State-Changed-Why: This has been addressed in Apache 2.0.46 through the AllowEncodedSlashes directive. Category-Changed-From-To: general-protocol Category-Changed-By: coar Category-Changed-When: Fri Jun 13 15:02:09 PDT 2003 >Unformatted: [In order for any reply to be added to the PR database, you need] [to include in the Cc line and make sure the] [subject line starts with the report component and number, with ] [or without any 'Re:' prefixes (such as "general/1098:" or ] ["Re: general/1098:"). If the subject doesn't match this ] [pattern, your message will be misfiled and ignored. The ] ["apbugs" address is not added to the Cc line of messages from ] [the database automatically because of the potential for mail ] [loops. If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request from a ] [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]