Bug 51669

Summary: Documentation of B flag needs to be clearer, refer to AllowEncodedSlashes
Product: Apache httpd-2 Reporter: Marcus Bointon <marcus>
Component: DocumentationAssignee: HTTP Server Documentation List <docs>
Status: RESOLVED FIXED    
Severity: normal    
Priority: P2    
Version: 2.5-HEAD   
Target Milestone: ---   
Hardware: PC   
OS: All   

Description Marcus Bointon 2011-08-17 00:22:09 UTC
The documentation for the mod_rewrite B-flag uses one poorly chosen example and lacks a link to other important info.

http://httpd.apache.org/docs/current/rewrite/flags.html#flag_b

A better example would be when submitting parameters containg normal urlencoded characters, and not special cases like '+', so given a typical rewrite like:

RewriteRule ^search/(.*)$ /search.php?term=$1

Given a search term of 'x & y/z', a browser will encode it as 'x%20%26%20y%2Fz', making the request 'search/x%20%26%20y%2Fz'. Without the B flag, this rewrite rule will map to 'search.php?term=x & y/z', which isn't a valid URL, and would behave as if you had requested: 'search.php?term=x%20&y%2Fz=', which is not what was intended.

With the B flag set on this same rule, the parameters are re-encoded before being passed on to the output URL, resulting in a correct mapping to '/search.php?term=x%20%26%20y%2Fz'.

Importantly, both of these examples will fail on a default apache configuration because apache doesn't allow encoded slashes in URLs, and returns a 404 if it sees one. This behaviour is overridable using the AllowEncodedSlashes directive (and provide a cross-reference to that).
Comment 1 Rich Bowen 2011-08-17 12:07:51 UTC
Thanks for this detailed example and explanation. I'll incorporate it into the documentation as soon as I get a chance.
Comment 2 Rich Bowen 2011-08-22 17:48:08 UTC
Thanks. I've applied your example in r1160345 in TRUNK.