File lighttpd-1.4.x_revert_rewrite_redirect_decode_u... of Package lighttpd

Overview Repositories Revisions Requests Users Attributes Meta

File lighttpd-1.4.x_revert_rewrite_redirect_decode_url.patch of Package lighttpd

Index: src/mod_rewrite.c
===================================================================
--- src/mod_rewrite.c	(revision 2361)
+++ src/mod_rewrite.c	(revision 2362)
@@ -350,11 +350,7 @@
 
 	if (!p->conf.rewrite) return HANDLER_GO_ON;
 
-	buffer_copy_string_buffer(p->match_buf, con->uri.path);
-	if (con->uri.query->used > 0) {
-		buffer_append_string_len(p->match_buf, CONST_STR_LEN("?"));
-		buffer_append_string_buffer(p->match_buf, con->uri.query);
-	}
+	buffer_copy_string_buffer(p->match_buf, con->request.uri);
 
 	for (i = 0; i < p->conf.rewrite->used; i++) {
 		pcre *match;
Index: src/mod_redirect.c
===================================================================
--- src/mod_redirect.c	(revision 2361)
+++ src/mod_redirect.c	(revision 2362)
@@ -178,11 +178,7 @@
 
 	mod_redirect_patch_connection(srv, con, p);
 
-	buffer_copy_string_buffer(p->match_buf, con->uri.path);
-	if (con->uri.query->used > 0) {
-		buffer_append_string_len(p->match_buf, CONST_STR_LEN("?"));
-		buffer_append_string_buffer(p->match_buf, con->uri.query);
-	}
+	buffer_copy_string_buffer(p->match_buf, con->request.uri);
 
 	for (i = 0; i < p->conf.redirect->used; i++) {
 		pcre *match;
Index: tests/mod-proxy.t
===================================================================
--- tests/mod-proxy.t	(revision 2361)
+++ tests/mod-proxy.t	(revision 2362)
@@ -8,14 +8,24 @@
 
 use strict;
 use IO::Socket;
-use Test::More tests => 6;
+use Test::More tests => 9;
 use LightyTest;
 
 my $tf_real = LightyTest->new();
 my $tf_proxy = LightyTest->new();
 
 my $t;
+my $php_child = -1;
 
+my $phpbin = (defined $ENV{'PHP'} ? $ENV{'PHP'} : '/usr/bin/php-cgi');
+$ENV{'PHP'} = $phpbin;
+
+SKIP: {
+	skip "PHP already running on port 1026", 1 if $tf_real->listening_on(1026);
+	skip "no php binary found", 1 unless -x $phpbin;
+	ok(-1 != ($php_child = $tf_real->spawnfcgi($phpbin, 1026)), "Spawning php");
+}
+
 ## we need two procs
 ## 1. the real webserver
 ## 2. the proxy server
@@ -26,9 +36,9 @@
 $tf_proxy->{PORT} = 2050;
 $tf_proxy->{CONFIGFILE} = 'proxy.conf';
 
-ok($tf_real->start_proc == 0, "Starting lighttpd") or die();
+ok($tf_real->start_proc == 0, "Starting lighttpd") or goto cleanup;
 
-ok($tf_proxy->start_proc == 0, "Starting lighttpd as proxy") or die();
+ok($tf_proxy->start_proc == 0, "Starting lighttpd as proxy") or goto cleanup;
 
 $t->{REQUEST}  = ( <<EOF
 GET /index.html HTTP/1.0
@@ -46,6 +56,31 @@
 $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'Server' => 'Apache 1.3.29' } ];
 ok($tf_proxy->handle_http($t) == 0, 'drop Server from real server');
 
+SKIP: {
+	skip "no PHP running on port 1026", 1 unless $tf_real->listening_on(1026);
+	$t->{REQUEST}  = ( <<EOF
+GET /rewrite/all/some+test%3axxx%20with%20space HTTP/1.0
+Host: www.example.org
+EOF
+ );
+	$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => '/some+test%3axxx%20with%20space' } ];
+	ok($tf_proxy->handle_http($t) == 0, 'rewrited urls work with encoded path');
+}
+
 ok($tf_proxy->stop_proc == 0, "Stopping lighttpd proxy");
 
 ok($tf_real->stop_proc == 0, "Stopping lighttpd");
+
+SKIP: {
+	skip "PHP not started, cannot stop it", 1 unless $php_child != -1;
+	ok(0 == $tf_real->endspawnfcgi($php_child), "Stopping php");
+	$php_child = -1;
+}
+
+exit 0;
+
+cleanup:
+
+$tf_real->endspawnfcgi($php_child) if $php_child != -1;
+
+die();
Index: tests/mod-rewrite.t
===================================================================
--- tests/mod-rewrite.t	(revision 2361)
+++ tests/mod-rewrite.t	(revision 2362)
@@ -8,7 +8,7 @@
 
 use strict;
 use IO::Socket;
-use Test::More tests => 8;
+use Test::More tests => 7;
 use LightyTest;
 
 my $tf = LightyTest->new();
@@ -35,7 +35,7 @@
  );
 	$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => '' } ];
 	ok($tf->handle_http($t) == 0, 'valid request');
-
+    
 	$t->{REQUEST}  = ( <<EOF
 GET /rewrite/foo?a=b HTTP/1.0
 Host: www.example.org
@@ -52,14 +52,6 @@
 	$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => 'bar&a=b' } ];
 	ok($tf->handle_http($t) == 0, 'valid request');
 
-	$t->{REQUEST}  = ( <<EOF
-GET %2Frewrite/f%6Fo?a=b HTTP/1.0
-Host: www.example.org
-EOF
- );
-	$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => 'a=b' } ];
-	ok($tf->handle_http($t) == 0, 'valid request with url encoded characters');
-
 	ok($tf->stop_proc == 0, "Stopping lighttpd");
 }
 
Index: tests/proxy.conf
===================================================================
--- tests/proxy.conf	(revision 2361)
+++ tests/proxy.conf	(revision 2362)
@@ -122,7 +122,8 @@
 url.redirect                = ( "^/redirect/$" => "http://localhost:2048/" )
 
 url.rewrite		    = ( "^/rewrite/foo($|\?.+)" => "/indexfile/rewrite.php$1",
-				"^/rewrite/bar(?:$|\?(.+))" => "/indexfile/rewrite.php?bar&$1" )
+				"^/rewrite/bar(?:$|\?(.+))" => "/indexfile/rewrite.php?bar&$1",
+				"^/rewrite/all(/.*)$" => "/indexfile/rewrite.php?$1" )
 
 expire.url                  = ( "/expire/access" => "access 2 hours",
 				"/expire/modification" => "access plus 1 seconds 2 minutes")
Index: doc/redirect.txt
===================================================================
--- doc/redirect.txt	(revision 2361)
+++ doc/redirect.txt	(revision 2362)
@@ -39,3 +39,9 @@
     $HTTP["host"] =~ "^www\.(.*)" {
       url.redirect = ( "^/(.*)" => "http://%1/$1" )
     }
+
+Warning
+=======
+
+Do NOT use mod_redirect to protect specific urls, as the original url passed from the client
+is matched against your rules, for example strings like "/abc/../xyz%2f/path".
Index: doc/rewrite.txt
===================================================================
--- doc/rewrite.txt	(revision 2361)
+++ doc/rewrite.txt	(revision 2362)
@@ -43,6 +43,12 @@
 The options ``url.rewrite`` and ``url.rewrite-final`` were mapped to ``url.rewrite-once``
 in 1.3.16.
 
+Warning
+=======
+
+Do NOT use mod_rewrite to protect specific urls, as the original url passed from the client
+is matched against your rules, for example strings like "/abc/../xyz%2f/path".
+
 Examples
 ========

Places

File lighttpd-1.4.x_revert_rewrite_redirect_decode_url.patch of Package lighttpd

Places