>Number: 1929 >Category: mod_proxy >Synopsis: ProxyPass redirects with URL showing for requests made with >the tilde >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Mon Mar 9 21:50:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: >Environment: Digital Unix 4.0B OSF1 pathclevel6 >Description: ProxyPass shows redirected URL when URL uses the ~ character.
eg: http://www.oz.net/~cere will break ProxyPasses hidden redirection. >How-To-Repeat: Easy. Setup a ProxyPass statement like ProxyPass / http://eatme.com/ then query your proxy server (called foo.com) to http://foo.com/~cere and watch it redirect you and then show you the redirected URL in the location bar of your browser.. >Fix: This problem was almost fixed between version 1.2.5 and 1.3.x but not quite... I'm sure that it will be obvious to the person that patched the last ProxyPass problem that was similar to this; which was that for ANY URL ProxyPass would redirect but not hide the URL >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
