[Bug 69432] regression in mod rewrite rule while migrating from 2.4.59 to 2.4.62

bugzilla Wed, 06 Nov 2024 07:33:55 -0800

https://bz.apache.org/bugzilla/show_bug.cgi?id=69432


rajendra rathore <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |NEW

--- Comment #2 from rajendra rathore <[email protected]> ---
Hi Ruediger,

we fixed host header injection vullnurability by applying this rule, it was
worked perfectly with 2.4.59 Apache Http server, it was stop working with
latest Apache version, I enable loggers but not properly understand what is the
issue here.


[Wed Nov 06 18:33:26.123164 2024] [rewrite:trace2] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] init rewrite engine with
requested uri /TEST123/app/, referer: http://test.test.com:2280/TEST123/
[Wed Nov 06 18:33:26.123233 2024] [rewrite:trace3] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] applying pattern '^(.*)$'
to uri '/TEST123/app/', referer: http://test.test.com:2280/TEST123/
[Wed Nov 06 18:33:26.123243 2024] [rewrite:trace4] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] RewriteCond:
input='vagrantq.ptcnet.ptc.com:2280' pattern='!^(test.test.com:2280)$' [NC] =>
matched, referer: http://test.test.com:2280/TEST123/
[Wed Nov 06 18:33:26.123244 2024] [rewrite:trace2] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] rewrite '/TEST123/app/' ->
'[R=301,L]', referer: http://test.test.com:2280/TEST123/
[Wed Nov 06 18:33:26.123246 2024] [rewrite:trace3] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] add root prefix: [R=301,L]
-> /[R=301,L], referer: http://test.test.com:2280/TEST123/
[Wed Nov 06 18:33:26.123248 2024] [rewrite:trace2] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] setting lastsub to rule
with output [R=301,L], referer: http://test.test.com:2280/TEST123/
[Wed Nov 06 18:33:26.123249 2024] [rewrite:trace2] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] local path result:
/[R=301,L], referer: http://test.test.com:2280/TEST123/
[Wed Nov 06 18:33:26.123253 2024] [rewrite:trace2] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] prefixed with
document_root to /opt/ptc/raven_237/HTTPServer/htdocs/[R=301,L], referer:
http://test.test.com:2280/TEST123/
[Wed Nov 06 18:33:26.123255 2024] [rewrite:trace1] [pid 2964750:tid 2964756]
mod_rewrite.c(505): [client 172.27.192.1:57031] 172.27.192.1 - -
[test.test.com/sid#e7d7b0][rid#7f7770002c10/initial] go-ahead with
/opt/ptc/raven_237/HTTPServer/htdocs/[R=301,L] [OK], referer:
http://test.test.com:2280/TEST123/

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[Bug 69432] regression in mod rewrite rule while migrating from 2.4.59 to 2.4.62

Reply via email to