>Number: 4305 >Category: mod_rewrite >Synopsis: Mod_Rewrite redirects itself into loop, causing hang, ignoring >of LAST and SKIP, etc. >Confidential: no >Severity: critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Sat Apr 24 19:10:01 PDT 1999 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.6 >Environment: Linux >Description: mod_rewrite will do an internal redirect that causes the same rule to be rerun which causes and internal redirect that causes the same rule to rerun, etc. This hangs the server if the resultant url matches the original pattern. Since the whole rule set gets rerun, it effectively negates the use LAST and SKIP amoung others. >How-To-Repeat: Example: RewriteRule ^(.*) /index.cgi?url=$1 The above fails, but this does not: RewriteRule ^([A-Z].*) /index.cgi?url=$1 because the new url of /index.cgi does not match the rewrite rule, where in the first case it does. Another example: RewriteRule ^(.+) /$1.cgi 50 .cgi's get added to the URL. >Fix: Anything coming from mod_rewrite to apache's redirect handler should not be sent back to mod_rewrite. Or conversly, if mod_rewrite notices that it is responsible for the last redirect, it should decline to handle the URL again. That's what multiple rules are for. I imagine SKIP=# will fail for the same reason. Last will likely fail for the same reason. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
