Lines 145-150
|
145 |
#define RULEFLAG_NOESCAPE 1<<11 |
145 |
#define RULEFLAG_NOESCAPE 1<<11 |
146 |
#define RULEFLAG_NOSUB 1<<12 |
146 |
#define RULEFLAG_NOSUB 1<<12 |
147 |
#define RULEFLAG_STATUS 1<<13 |
147 |
#define RULEFLAG_STATUS 1<<13 |
|
|
148 |
#define RULEFLAG_ESCAPEBACKREF 1<<14 |
148 |
|
149 |
|
149 |
/* return code of the rewrite rule |
150 |
/* return code of the rewrite rule |
150 |
* the result may be escaped - or not |
151 |
* the result may be escaped - or not |
Lines 376-381
|
376 |
/* Optional functions imported from mod_ssl when loaded: */ |
377 |
/* Optional functions imported from mod_ssl when loaded: */ |
377 |
static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *rewrite_ssl_lookup = NULL; |
378 |
static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *rewrite_ssl_lookup = NULL; |
378 |
static APR_OPTIONAL_FN_TYPE(ssl_is_https) *rewrite_is_https = NULL; |
379 |
static APR_OPTIONAL_FN_TYPE(ssl_is_https) *rewrite_is_https = NULL; |
|
|
380 |
static char *escape_uri(apr_pool_t *p, const char *path); |
379 |
|
381 |
|
380 |
/* |
382 |
/* |
381 |
* +-------------------------------------------------------+ |
383 |
* +-------------------------------------------------------+ |
Lines 624-629
|
624 |
return 0; |
626 |
return 0; |
625 |
} |
627 |
} |
626 |
|
628 |
|
|
|
629 |
static const char c2x_table[] = "0123456789abcdef"; |
630 |
|
631 |
static APR_INLINE unsigned char *c2x(unsigned what, unsigned char prefix, |
632 |
unsigned char *where) |
633 |
{ |
634 |
#if APR_CHARSET_EBCDIC |
635 |
what = apr_xlate_conv_byte(ap_hdrs_to_ascii, (unsigned char)what); |
636 |
#endif /*APR_CHARSET_EBCDIC*/ |
637 |
*where++ = prefix; |
638 |
*where++ = c2x_table[what >> 4]; |
639 |
*where++ = c2x_table[what & 0xf]; |
640 |
return where; |
641 |
} |
642 |
|
643 |
/* |
644 |
* Escapes a uri in a similar way as php's urlencode does. |
645 |
* Based on ap_os_escape_path in server/util.c |
646 |
*/ |
647 |
static char *escape_uri(apr_pool_t *p, const char *path) { |
648 |
char *copy = apr_palloc(p, 3 * strlen(path) + 3); |
649 |
const unsigned char *s = (const unsigned char *)path; |
650 |
unsigned char *d = (unsigned char *)copy; |
651 |
unsigned c; |
652 |
|
653 |
while ((c = *s)) { |
654 |
if (apr_isalnum(c) || c == '_') { |
655 |
*d++ = c; |
656 |
} |
657 |
else if (c == ' ') { |
658 |
*d++ = '+'; |
659 |
} |
660 |
else { |
661 |
d = c2x(c, '%', d); |
662 |
} |
663 |
++s; |
664 |
} |
665 |
*d = '\0'; |
666 |
return copy; |
667 |
} |
668 |
|
627 |
/* |
669 |
/* |
628 |
* escape absolute uri, which may or may not be path oriented. |
670 |
* escape absolute uri, which may or may not be path oriented. |
629 |
* So let's handle them differently. |
671 |
* So let's handle them differently. |
Lines 2083-2089
|
2083 |
* are interpreted by a later expansion, producing results that |
2125 |
* are interpreted by a later expansion, producing results that |
2084 |
* were not intended by the administrator. |
2126 |
* were not intended by the administrator. |
2085 |
*/ |
2127 |
*/ |
2086 |
static char *do_expand(char *input, rewrite_ctx *ctx) |
2128 |
static char *do_expand(char *input, rewrite_ctx *ctx, rewriterule_entry *entry) |
2087 |
{ |
2129 |
{ |
2088 |
result_list *result, *current; |
2130 |
result_list *result, *current; |
2089 |
result_list sresult[SMALL_EXPANSION]; |
2131 |
result_list sresult[SMALL_EXPANSION]; |
Lines 2195-2204
|
2195 |
} |
2237 |
} |
2196 |
|
2238 |
|
2197 |
/* reuse of key variable as result */ |
2239 |
/* reuse of key variable as result */ |
2198 |
key = lookup_map(ctx->r, map, do_expand(key, ctx)); |
2240 |
key = lookup_map(ctx->r, map, do_expand(key, ctx, entry)); |
2199 |
|
2241 |
|
2200 |
if (!key && dflt && *dflt) { |
2242 |
if (!key && dflt && *dflt) { |
2201 |
key = do_expand(dflt, ctx); |
2243 |
key = do_expand(dflt, ctx, entry); |
2202 |
} |
2244 |
} |
2203 |
|
2245 |
|
2204 |
if (key) { |
2246 |
if (key) { |
Lines 2222-2230
|
2222 |
if (bri->source && n < AP_MAX_REG_MATCH |
2264 |
if (bri->source && n < AP_MAX_REG_MATCH |
2223 |
&& bri->regmatch[n].rm_eo > bri->regmatch[n].rm_so) { |
2265 |
&& bri->regmatch[n].rm_eo > bri->regmatch[n].rm_so) { |
2224 |
span = bri->regmatch[n].rm_eo - bri->regmatch[n].rm_so; |
2266 |
span = bri->regmatch[n].rm_eo - bri->regmatch[n].rm_so; |
2225 |
|
2267 |
if (entry && (entry->flags & RULEFLAG_ESCAPEBACKREF)) { |
2226 |
current->len = span; |
2268 |
/* escape the backreference */ |
2227 |
current->string = bri->source + bri->regmatch[n].rm_so; |
2269 |
char *tmp2, *tmp; |
|
|
2270 |
tmp = apr_palloc(pool, span + 1); |
2271 |
strncpy(tmp, bri->source + bri->regmatch[n].rm_so, span); |
2272 |
tmp[span] = '\0'; |
2273 |
tmp2 = escape_uri(pool, tmp); |
2274 |
rewritelog((ctx->r, 5, ctx->perdir, "escaping backreference '%s' to '%s'", |
2275 |
tmp, tmp2)); |
2276 |
|
2277 |
current->len = span = strlen(tmp2); |
2278 |
current->string = tmp2; |
2279 |
} else { |
2280 |
current->len = span; |
2281 |
current->string = bri->source + bri->regmatch[n].rm_so; |
2282 |
} |
2283 |
|
2228 |
outlen += span; |
2284 |
outlen += span; |
2229 |
} |
2285 |
} |
2230 |
|
2286 |
|
Lines 2284-2290
|
2284 |
char *name, *val; |
2340 |
char *name, *val; |
2285 |
|
2341 |
|
2286 |
while (env) { |
2342 |
while (env) { |
2287 |
name = do_expand(env->data, ctx); |
2343 |
name = do_expand(env->data, ctx, NULL); |
2288 |
if ((val = ap_strchr(name, ':')) != NULL) { |
2344 |
if ((val = ap_strchr(name, ':')) != NULL) { |
2289 |
*val++ = '\0'; |
2345 |
*val++ = '\0'; |
2290 |
|
2346 |
|
Lines 2373-2379
|
2373 |
static void do_expand_cookie(data_item *cookie, rewrite_ctx *ctx) |
2429 |
static void do_expand_cookie(data_item *cookie, rewrite_ctx *ctx) |
2374 |
{ |
2430 |
{ |
2375 |
while (cookie) { |
2431 |
while (cookie) { |
2376 |
add_cookie(ctx->r, do_expand(cookie->data, ctx)); |
2432 |
add_cookie(ctx->r, do_expand(cookie->data, ctx, NULL)); |
2377 |
cookie = cookie->next; |
2433 |
cookie = cookie->next; |
2378 |
} |
2434 |
} |
2379 |
|
2435 |
|
Lines 3153-3158
|
3153 |
int error = 0; |
3209 |
int error = 0; |
3154 |
|
3210 |
|
3155 |
switch (*key++) { |
3211 |
switch (*key++) { |
|
|
3212 |
case 'b': |
3213 |
case 'B': |
3214 |
if (!*key || !strcasecmp(key, "ackrefescaping")) { |
3215 |
cfg->flags |= RULEFLAG_ESCAPEBACKREF; |
3216 |
} |
3217 |
else { |
3218 |
++error; |
3219 |
} |
3220 |
break; |
3156 |
case 'c': |
3221 |
case 'c': |
3157 |
case 'C': |
3222 |
case 'C': |
3158 |
if (!*key || !strcasecmp(key, "hain")) { /* chain */ |
3223 |
if (!*key || !strcasecmp(key, "hain")) { /* chain */ |
Lines 3354-3360
|
3354 |
++error; |
3419 |
++error; |
3355 |
} |
3420 |
} |
3356 |
break; |
3421 |
break; |
3357 |
|
|
|
3358 |
default: |
3422 |
default: |
3359 |
++error; |
3423 |
++error; |
3360 |
break; |
3424 |
break; |
Lines 3490-3496
|
3490 |
*/ |
3554 |
*/ |
3491 |
static int apply_rewrite_cond(rewritecond_entry *p, rewrite_ctx *ctx) |
3555 |
static int apply_rewrite_cond(rewritecond_entry *p, rewrite_ctx *ctx) |
3492 |
{ |
3556 |
{ |
3493 |
char *input = do_expand(p->input, ctx); |
3557 |
char *input = do_expand(p->input, ctx, NULL); |
3494 |
apr_finfo_t sb; |
3558 |
apr_finfo_t sb; |
3495 |
request_rec *rsub, *r = ctx->r; |
3559 |
request_rec *rsub, *r = ctx->r; |
3496 |
ap_regmatch_t regmatch[AP_MAX_REG_MATCH]; |
3560 |
ap_regmatch_t regmatch[AP_MAX_REG_MATCH]; |
Lines 3613-3619
|
3613 |
char *expanded; |
3677 |
char *expanded; |
3614 |
|
3678 |
|
3615 |
if (p->forced_mimetype) { |
3679 |
if (p->forced_mimetype) { |
3616 |
expanded = do_expand(p->forced_mimetype, ctx); |
3680 |
expanded = do_expand(p->forced_mimetype, ctx, p); |
3617 |
|
3681 |
|
3618 |
if (*expanded) { |
3682 |
if (*expanded) { |
3619 |
ap_str_tolower(expanded); |
3683 |
ap_str_tolower(expanded); |
Lines 3627-3633
|
3627 |
} |
3691 |
} |
3628 |
|
3692 |
|
3629 |
if (p->forced_handler) { |
3693 |
if (p->forced_handler) { |
3630 |
expanded = do_expand(p->forced_handler, ctx); |
3694 |
expanded = do_expand(p->forced_handler, ctx, p); |
3631 |
|
3695 |
|
3632 |
if (*expanded) { |
3696 |
if (*expanded) { |
3633 |
ap_str_tolower(expanded); |
3697 |
ap_str_tolower(expanded); |
Lines 3759-3765
|
3759 |
|
3823 |
|
3760 |
/* expand the result */ |
3824 |
/* expand the result */ |
3761 |
if (!(p->flags & RULEFLAG_NOSUB)) { |
3825 |
if (!(p->flags & RULEFLAG_NOSUB)) { |
3762 |
newuri = do_expand(p->output, ctx); |
3826 |
newuri = do_expand(p->output, ctx, p); |
3763 |
rewritelog((r, 2, ctx->perdir, "rewrite '%s' -> '%s'", ctx->uri, |
3827 |
rewritelog((r, 2, ctx->perdir, "rewrite '%s' -> '%s'", ctx->uri, |
3764 |
newuri)); |
3828 |
newuri)); |
3765 |
} |
3829 |
} |
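Review bot: The new `entry` argument makes `do_expand` URL-escape backreferences wherever the expanded string ends up, not only in the rewritten URI: the calls for `p->forced_mimetype` and `p->forced_handler` (new lines 3680 and 3694) pass `p`, so with RULEFLAG_ESCAPEBACKREF set a `$N` inside a forced MIME type or handler would be percent-encoded (a `/` becomes `%2f`) even though those strings are not URLs. The env and cookie expansions already pass `NULL`, and I would do the same here: `expanded = do_expand(p->forced_mimetype, ctx, NULL);` and `expanded = do_expand(p->forced_handler, ctx, NULL);`. Separately, `escape_uri` (new line 657) turns a space into `+`, which is decoded as a space only in a query string, so its header comment should say so, for example `* Output is form-style encoding (space -> '+'), meant for query strings; in a path the '+' stays literal.` The bodies of `do_expand` and of the function containing the mimetype and handler calls continue outside the visible hunks, so whether a later escaping pass re-encodes the `%` sequences produced here cannot be checked from this page.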