>Number: 3354 >Category: mod_proxy >Synopsis: Escaped characters in URL break ProxyPass >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Fri Nov 6 08:20:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.3 >Environment: Linux MESCALINE.MIT.EDU 2.0.30 #2 Sat Apr 18 01:09:21 EDT 1998 i686 unknown gcc version 2.7.2.1 Redhat 4.1 system >Description: I set up a ProxyPass directive, eg:
ProxyPass /foo/ http://www.foo.com/ I then request the URL /foo/some/url/containing/%2F/wont/work. Apache gives a 404, saying the URL could not be found on this server instead of passing the request through to the proxy. >How-To-Repeat: Set up any ProxyPass, request a URL that should be proxied but contains an HTTP escape sequence, eg %2F. >Fix: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
