Hi, The attached patch fixes the redirect code so that it no longer breaks the query string by re-encoding the = character.
Thanks, Brett.
diff -ru4 orig/pound-2.6/debian/patches/xss_redirect_fix.patch new/pound-2.6/debian/patches/xss_redirect_fix.patch
--- orig/pound-2.6/debian/patches/xss_redirect_fix.patch 2012-02-03 09:46:07.000000000 +0000
+++ new/pound-2.6/debian/patches/xss_redirect_fix.patch 2013-12-23 13:35:39.000000000 +0000
@@ -42,9 +42,9 @@
 + if (
 + (ch>= 'A' && ch <='Z') ||
 + (ch>= 'a' && ch <='z') ||
 + (ch>= '0' && ch <='9') ||
-+ ch == '-' || ch == '_' || ch == '.' || ch == ':' || ch == '/' || ch == '?' || ch == '&' || ch == ';') {
++ ch == '-' || ch == '_' || ch == '.' || ch == ':' || ch == '/' || ch == '?' || ch == '&' || ch == ';' || ch == '=') {
 +
 + urlbuf[j++] = ch;
 + continue;
 + }
diff -ru4 orig/pound-2.6/http.c new/pound-2.6/http.c
--- orig/pound-2.6/http.c 2013-12-23 13:54:00.000000000 +0000
+++ new/pound-2.6/http.c 2013-12-23 13:52:56.000000000 +0000
@@ -81,9 +81,9 @@
 if (
 (ch>= 'A' && ch <='Z') ||
 (ch>= 'a' && ch <='z') ||
 (ch>= '0' && ch <='9') ||
- ch == '-' || ch == '_' || ch == '.' || ch == ':' || ch == '/' || ch == '?' || ch == '&' || ch == ';') {
+ ch == '-' || ch == '_' || ch == '.' || ch == ':' || ch == '/' || ch == '?' || ch == '&' || ch == ';' || ch == '=') {
 urlbuf[j++] = ch;
 continue;
 }
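Review bot: The pass-through condition in http.c (`ch == '-' || … || ch == ';' || ch == '='`) is the allow-list that the XSS redirect fix depends on, and it is widened here with no comment recording why each character is safe to emit unencoded; the first hunk carries the same line inside debian/patches/xss_redirect_fix.patch. I would add a comment above the `if`, for example `/* allow-list of characters copied unencoded into the redirect URL; never add quotes, '<', '>', whitespace, CR or LF */`, so that later additions are checked against where the URL is written out. `%` is still not in the list, so a target that already contains percent-escapes will presumably be encoded a second time, the same kind of breakage this patch fixes for `=`. That last point is inferred, because the encoding branch and the rest of the enclosing function lie outside the hunk.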