On 3/2/23 3:30 PM, yla...@apache.org wrote:
> Author: ylavic
> Date: Thu Mar 2 14:30:20 2023
> New Revision: 1907972
>
> URL: http://svn.apache.org/viewvc?rev=1907972&view=rev
> Log:
> mod_proxy: Don't decode r->uri and reencode in r->filename for
> mapping=encoded.
>
> Decoding was not done for mapping=servlet only (a subset), but overlooked for
> mapping=encoded. To avoid double-encoding in the canon_handler hook, use a new
> "proxy-noencode" (similarly to "proxy-nocanon") entry in r->notes.
>
> * proxy/mod_proxy.c(ap_proxy_trans_match):
> Set "proxy-noencode" in r->notes for PROXYPASS_MAP_ENCODED, and return DONE
> to avoid decoding in ap_process_request_internal().
>
> * proxy/mod_proxy_http.c, proxy/mod_proxy_ajp.c, proxy/mod_proxy_wstunnel.c,
> proxy/mod_proxy_fcgi.c, proxy/mod_proxy_ajp.c, http2/mod_proxy_http2.c:
> Don't process the url through ap_proxy_canonenc() in canon_handler if
> "proxy-noencode" is set.
>
This solves the issue for mapping=encoded set with ProxyPass. It does not solve
a similar problem
with RewriteRules using the P flag when AllowEncodedSlashes is set to NoDecode.
In this case
potential %2F's in the URL will get encoded to %252F. I would like
ap_proxy_canonenc to leave
%2F untouched (not encoding the '%') in case AllowEncodedSlashes is set to
NoDecode. Opinions?
Regards
RĂ¼diger
