>> Maybe we can slip an additional entry into the changelog.
>> I think in this case, for now at least, we'd primarily rely on the error_log 
>> entry. Did this produce the new AH10410?

Yes, the error log did include the AH10410 message.

URL encoding the spaces either as \%20 (path or query string) or + (query 
string) does eliminate the problem for our mappings.

From: Eric Covener <cove...@gmail.com>
Sent: Wednesday, March 8, 2023 8:31 PM
To: dev@httpd.apache.org
Subject: Re: [VOTE] [VOTE] Release httpd-2.4.56-rc1 as httpd-2.4.56

On Wed, Mar 8, 2023 at 11: 02 PM BUSH Steve <Steven. BUSH@ 3ds. com> wrote: 
Correction! I used our test template for the rule when I e-mailed just now, but 
once it is converted to the apache httpd. conf format, the actual rule appears 
in the
ZjQcmQR
YFpfptBannerEnd

On Wed, Mar 8, 2023 at 11:02 PM BUSH Steve 
<steven.b...@3ds.com<mailto:steven.b...@3ds.com>> wrote:
Correction!
I used our test template for the rule when I e-mailed just now, but once it is 
converted to the apache httpd.conf format, the actual rule appears in the 
httpd.conf as:
RewriteRule ^/zoology/animals/reset/(\d+)$ "/auth/launchjob?Number of 
Records=$1&__poolid=animal-magic" [B,PT,L,QSA]

Thanks for the report.   Time will tell, but I think this is a very fringe 
case. The space isn't a backreference (where `B` would have fixed it) and a 
literal with a space in the substitution has to be quite rare (famous last 
words)
I just looked at the mod_rewrite.c source differences from 2.4.55 to 2.4.56 and 
it’s clear that the use of spaces in the query string of the mapped URL are the 
cause of the 403 forbidden messages.

We can update our httpd.conf mapping code, so it won’t be a problem for us, but 
it might be worth updating the mod_rewrite documentation on this?


Maybe we can slip an additional entry into the changelog.
I think in this case, for now at least, we'd primarily rely on the error_log 
entry. Did this produce the new AH10410?



This email and any attachments are intended solely for the use of the 
individual or entity to whom it is addressed and may be confidential and/or 
privileged.

If you are not one of the named recipients or have received this email in error,

(i) you should not read, disclose, or copy it,

(ii) please notify sender of your receipt by reply email and delete this email 
and all attachments,

(iii) Dassault Systèmes does not accept or assume any liability or 
responsibility for any use of or reliance on this email.


Please be informed that your personal data are processed according to our data 
privacy policy as described on our website. Should you have any questions 
related to personal data protection, please contact 3DS Data Protection Officer 
https://www.3ds.com/privacy-policy/contact/

Reply via email to