>Number:         2018
>Category:       general
>Synopsis:       QUERY_STRING parses %xx in SSI
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Mon Mar 30 10:30:01 PST 1998
>Last-Modified:
>Originator:     [EMAIL PROTECTED]
>Organization:
apache
>Release:        Apache/1.2b11-dev IOCOM/2.0.v PHP/2.0b11 PyApache/2.25
>Environment:
Linux langley.io.com 2.0.32 #1 Tue Dec 9 16:16:54 CST 1997 i686
>Description:
When cgis are called as SSI (exec cgi), or when ENVs are accessed via SSI (echo), QUERY_STRING and QUERY_STRING_UNESCAPED have %xx converted to their respective characters.

As a side note, include virtual loses QUERY_STRING entirely, although it does have QUERY_STRING_UNESCAPED.
>How-To-Repeat:
http://www.hoboes.com/jerry/test.shtml?God=Excitable%20Boy&Bob=John%20Wesley
will show all the ways that SSIs have the % characters parsed

http://www.hoboes.com/cgi-bin/Test.cgi?God=Excitable%20Boy&Bob=John%20Wesley
will show the same cgi directly, with % characters not parsed, which I assume is the way it is supposed to be.
>Fix:
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]
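
The following is an added example, not part of the report and not Apache code: it shows why a CGI that parses QUERY_STRING needs the %xx sequences left intact until after it has split on `&` and `=`. Python's `urllib.parse.unquote` stands in for the server-side decoding the report describes; the function names and `CONSTRUCTED_QS` are assumptions made for illustration.

```python
from urllib.parse import unquote


def parse_query(qs):
    """Split on '&' and '=' first, then percent-decode each name and value."""
    pairs = []
    for field in qs.split("&"):
        if not field:
            continue
        name, _, value = field.partition("=")
        pairs.append((unquote(name), unquote(value)))
    return pairs


def as_seen_via_ssi(raw_qs):
    """Model of the reported behaviour: %xx is decoded before the CGI sees it."""
    return unquote(raw_qs)


def decoding_changes_result(raw_qs):
    """True when early decoding makes the CGI parse different parameters."""
    return parse_query(raw_qs) != parse_query(as_seen_via_ssi(raw_qs))


# Query string taken from the How-To-Repeat URLs in the report.
REPORT_QS = "God=Excitable%20Boy&Bob=John%20Wesley"

# Constructed sample: an encoded '&' inside a value and a literal "%25" as data.
CONSTRUCTED_QS = "God=Rock%20%26%20Roll&Bob=100%2525"


if __name__ == "__main__":
    for qs in (REPORT_QS, CONSTRUCTED_QS):
        print("raw      :", qs)
        print("direct   :", parse_query(qs))
        print("via SSI  :", parse_query(as_seen_via_ssi(qs)))
        print("differs  :", decoding_changes_result(qs))
        print()
```

The report's own test string only contains `%20`, so both paths yield the same parameters; the constructed string shows the early-decoded form gaining a parameter and having its data decoded a second time.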
