[Bug 63262] RewriteRule in section matches against file system path instead of URI path
https://bz.apache.org/bugzilla/show_bug.cgi?id=63262
--- Comment #2 from Chris Seufert ---
I have recently run into what I think is this issue with the following config:
RewriteEngine On
RewriteCond "%{REQUEST_URI}" !^/___proxy_me/
RewriteRule ^/(.*)$ "/___proxy_me/$1"
# [L,NE,B=%\ |:]
ProxyPass /___proxy_me/ "http://backend/"; upgrade=websocket
What ends up happening is the backend server receives a url like:
%{document_root}%{request_uri}
>From logs of two apache servers main proxying to backend running in docker:
backend-1 | 172.21.0.2 - - [24/Mar/2024:10:49:02 +] "GET
/usr/local/apache2/htdocs/ HTTP/1.1" 404 196
main-1 | 172.21.0.1 - - [24/Mar/2024:10:49:02 +] "GET / HTTP/1.1" 404
196
backend-1 | 172.21.0.3 - - [24/Mar/2024:11:06:25 +] "GET
/usr/local/apache2/htdocs/test-url.html HTTP/1.1" 404 196
main-1 | 172.21.0.1 - - [24/Mar/2024:11:06:25 +] "GET /test-url.html
HTTP/1.1" 404 196
for repoduction using latest docker image version:
https://github.com/cseufert/apache-proxy-test-2
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 57691] mod_proxy/proxy_util confuses UDS scheme with HTTP scheme when using RewriteRule
https://bz.apache.org/bugzilla/show_bug.cgi?id=57691 Yann Ylavic changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED --- Comment #12 from Yann Ylavic --- (In reply to Chris Seufert from comment #11) > I am not sure this is fixed for all cases. This might work with a RewriteRule [PT] flag. I don't see how this (convoluted) configuration relates to this ticket though (no "unix:" scheme involved), set to RESOLVED again. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 57691] mod_proxy/proxy_util confuses UDS scheme with HTTP scheme when using RewriteRule
https://bz.apache.org/bugzilla/show_bug.cgi?id=57691
Chris Seufert changed:
What|Removed |Added
Resolution|FIXED |---
Status|RESOLVED|REOPENED
--- Comment #11 from Chris Seufert ---
I am not sure this is fixed for all cases.
I have recently run into an issue with the following config:
RewriteEngine On
RewriteCond "%{REQUEST_URI}" !^/___proxy_me/
RewriteRule ^/(.*)$ "/___proxy_me/$1"
# [L,NE,B=%\ |:]
ProxyPass /___proxy_me/ "http://backend/"; upgrade=websocket
What ends up happening is the backend server receives a url like:
%{document_root}%{request_uri}
>From logs of two apache servers main proxying to backend running in docker:
backend-1 | 172.21.0.2 - - [24/Mar/2024:10:49:02 +] "GET
/usr/local/apache2/htdocs/ HTTP/1.1" 404 196
main-1 | 172.21.0.1 - - [24/Mar/2024:10:49:02 +] "GET / HTTP/1.1" 404
196
backend-1 | 172.21.0.3 - - [24/Mar/2024:11:06:25 +] "GET
/usr/local/apache2/htdocs/test-url.html HTTP/1.1" 404 196
main-1 | 172.21.0.1 - - [24/Mar/2024:11:06:25 +] "GET /test-url.html
HTTP/1.1" 404 196
for repoduction using latest docker image version:
https://github.com/cseufert/apache-proxy-test-2
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
Bug report for Apache httpd-2 [2024/03/24]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|Opn|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |27257|Ass|Enh|2004-02-26|rotatelogs with getopt and setuid | |27715|Ass|Enh|2004-03-16|Client sending misformed Range "bytes = 0-100" ins| |29090|Ass|Enh|2004-05-19|MultiviewsMatch NegotiatedOnly extensions not resp| |29510|Ass|Enh|2004-06-10|ab does not support multiple cookies | |29644|Ver|Nor|2004-06-17|mod_proxy keeps downloading even after the client | |30259|Ass|Enh|2004-07-22|When proxy connects to backend, a DNS lookup is do| |30505|Ass|Enh|2004-08-05|Apache uses 'Error', and not lower level event typ| |31302|Opn|Cri|2004-09-19|suexec doesn't execute commands if they're not in | |31352|Ass|Enh|2004-09-21|RFE, Bind to LDAP server with browser supplier use| |31418|Opn|Nor|2004-09-25|SSLUserName is not usable by other modules| |32328|Opn|Enh|2004-11-19|Make mod_rewrite escaping optional / expose intern| |32750|Ass|Maj|2004-12-17|mod_proxy + Win32DisableAcceptEx = memory leak| |33089|New|Nor|2005-01-13|mod_include: Options +Includes (or IncludesNoExec)| |34519|New|Enh|2005-04-19|Directory index should emit valid XHTML | |35098|Ver|Maj|2005-05-27|Install fails using --prefix | |35154|Opn|Nor|2005-06-01|Support for NID_serialNumber, etc. in SSLUserName | |35652|Opn|Min|2005-07-07|Improve error message: "pcfg_openfile: unable to c| |35768|Opn|Nor|2005-07-17|Missing file logs at far too high of log level| |36676|New|Nor|2005-09-15|time() bug in httpd/os/win32/util_win32.c:wait_for| |36710|Opn|Blk|2005-09-19|CGI output not captured | |37006|Ver|Reg|2005-10-11|"pthread" error when compiling under AIX 5.3 using| |37290|Opn|Min|2005-10-28|DirectoryIndex don't work in scriptaliased directo| |37564|New|Enh|2005-11-19|Suggestion: mod_suexec SuexecUserGroup directive i| |38325|Opn|Nor|2006-01-20|impossible to determine AUTH_TYPE of interpreted r| |38571|New|Enh|2006-02-08|CustomLog directive checked by apachectl configtes| |38995|New|Nor|2006-03-16|httpd tries to communicate with the CGI daemon eve| |39275|Opn|Nor|2006-04-11|slow child_init causes MaxClients warning | |39287|New|Nor|2006-04-12|Incorrect If-Modified-Since validation (due to syn| |39727|Ass|Nor|2006-06-05|Incorrect ETag on gzip:ed content | |39748|New|Enh|2006-06-07|Header and POST support for mod_include | |39807|
