[PATCH] mod_rewrite: double escaping of query strings in server context

(like PR50447, for server context) Submitted By: Evgeny Kotkov <evgeny.kotkov visualsvn.com> Committed By: covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735088 13f79535-47bb-0310-9956-ffa450edef68
apache · Mar 15, 2016 · c1922e4 · c1922e4
1 parent 0905aa3
commit c1922e4
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 2 deletions.
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_rewrite: Don't implicitly URL-escape the original query string
+     when no substitution has changed it (like PR50447 but server context)
+     [Evgeny Kotkov <evgeny.kotkov visualsvn.com>]
+
   *) core: New CGIVar directive can configure REQUEST_URI to represent the
      current URI being processed instead of always the original request.
      [Jeff Trawick]

diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
@@ -4548,6 +4548,7 @@ static int hook_uri2file(request_rec *r)
     unsigned int port;
     int rulestatus;
     void *skipdata;
+    const char *oargs;
 
     /*
      *  retrieve the config structures
@@ -4597,6 +4598,12 @@ static int hook_uri2file(request_rec *r)
         return DECLINED;
     }
 
+    /*
+     *  remember the original query string for later check, since we don't
+     *  want to apply URL-escaping when no substitution has changed it.
+     */
+    oargs = r->args;
+
     /*
      *  add the SCRIPT_URL variable to the env. this is a bit complicated
      *  due to the fact that apache uses subrequests and internal redirects
@@ -4731,11 +4738,21 @@ static int hook_uri2file(request_rec *r)
 
             /* append the QUERY_STRING part */
             if (r->args) {
+                char *escaped_args = NULL;
+                int noescape = (rulestatus == ACTION_NOESCAPE ||
+                                (oargs && !strcmp(r->args, oargs)));
+
                 r->filename = apr_pstrcat(r->pool, r->filename, "?",
-                                          (rulestatus == ACTION_NOESCAPE)
+                                          noescape
                                             ? r->args
-                                            : ap_escape_uri(r->pool, r->args),
+                                            : (escaped_args =
+                                               ap_escape_uri(r->pool, r->args)),
                                           NULL);
+
+                rewritelog((r, 1, NULL, "%s %s to query string for redirect %s",
+                            noescape ? "copying" : "escaping",
+                            r->args ,
+                            noescape ? "" : escaped_args));
             }
 
             /* determine HTTP redirect response code */