DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=32328>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=32328 [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Version|2.1-HEAD |2.3-HEAD ------- Additional Comments From [EMAIL PROTECTED] 2007-01-25 19:01 ------- (In reply to comment #11) > Why does mod rewrite need to unescape these characters in the first place? Special characters like & > and # do not mean the same as %26 and %23 within in the context of an URL. By unescaping, this > information is being lost... At the early beginning, when the internal request processing starts, apache unescapes the URL-path once. This is not done by mod_rewrite, this happens before mod_rewrite is involved and I think this is also a part of the security concept. If you are using your rewrite rules in directory context, you have a filename (a physical path, e.g. /var/www/abc) while the per-dir prefix is stripped (so you're matching only against the local path 'abc' if your rules are stored in /var/www/). How would you map some unescaped URL-path to the file system? There's no way to make the unescaping process optional for a physical path in directory context. URL-path and QueryString have different rules for encoding. The QueryString is left untouched (by browser [except spaces] and server) while reserved and special chars in the URL-path must be requested hex-encoded by the client. Apache unescapes URL-path in order to process the request. A way to soften this problem would be a map function which encodes all non-[a-zA-Z0-9/,._-] characters into their %FF hex representation as discussed above. If you need the unescaped uri with all its consequences, use the ENV THE_REQUEST, which contains the full untouched request string like GET /foo%20bar?foo=bar HTTP/1.1 BTW: You can also analyze $_SERVER['REQUEST_URI'] within your php script and set the variable 'title' there. That would be another workaround for scripts (typo3 is using this method). -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
