https://issues.apache.org/bugzilla/show_bug.cgi?id=51930
Bug #: 51930
Summary: Apache is translating "//../" to "/"
Product: Apache httpd-2
Version: 2.0.63
Platform: HP
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_rewrite
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
Hello
Once Apache is receiving a post similar to the below
192.168.49.85 - - [01/Oct/2011:00:04:35 +0300] "POST //../ HTTP/1.1" 403 283
"-" "curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b
zlib/1.2.3 libidn/0.6.5"
the "//../" is changed to "/" as if it is translating //../ and changing the
// to /
hence this is causing some problems in denying such requests or in redirecting
"POST //../ HTTP/1.1" since we only need the "POST /"
rewrite rules in httpd.conf
RewriteCond %{REQUEST_METHOD} POST
#RewriteCond %{QUERY_STRING} ^/$
RewriteRule ^//../$ http://hotmail.com [P,L]
RewriteRule ^/$ http://google.com [P,L]
access_log
192.168.49.85 - - [01/Oct/2011:00:04:35 +0300] "POST //../ HTTP/1.1" 403 283
"-" "curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b
zlib/1.2.3 libidn/0.6.5"
rewrite_log
192.168.49.85 - - [01/Oct/2011:00:04:35 +0300]
[mms.celcom.net.my/sid#8e84e88][rid#8f48448/initial] (3) applying pattern
'^//../$' to uri '/'
192.168.49.85 - - [01/Oct/2011:00:04:35 +0300]
[mms.celcom.net.my/sid#8e84e88][rid#8f48448/initial] (3) applying pattern '^/$'
to uri '/'
Please advice on the above case. is there anyway to keep the POST as it appear
in the access_log while applying the RewriteCond
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
