It seems that while <Location> is compared to ap_no2slash(r->uri),
<LocationMatch> is matched against r->uri directly.
That's probably the "issue".
A possible fix (untested) could be:
Index: server/request.c
===================================================================
--- server/request.c (revision 1674695)
+++ server/request.c (working copy)
@@ -1446,7 +1446,7 @@
pmatch = apr_palloc(rxpool, nmatch*sizeof(ap_regmatch_t));
}
- if (ap_regexec(entry_core->r, r->uri, nmatch, pmatch, 0)) {
+ if (ap_regexec(entry_core->r, entry_uri, nmatch, pmatch, 0)) {
continue;
}
@@ -1456,7 +1456,7 @@
apr_table_setn(r->subprocess_env,
((const char
**)entry_core->refs->elts)[i],
apr_pstrndup(r->pool,
- r->uri + pmatch[i].rm_so,
+ entry_uri + pmatch[i].rm_so,
pmatch[i].rm_eo - pmatch[i].rm_so));
}
}
--
On Mon, Apr 27, 2015 at 10:52 PM, Jim Riggs <[email protected]> wrote:
> This came up at ApacheCon a couple of weeks ago. I just took this knowledge
> for granted, as I have always accounted for it, but both Rich and Trawick
> were surprised. As I thought about it some more, it seems this may be a POLA
> violation. Thoughts? If we agree it should be fixed, I can make the bugz and
> make a patch.
>
> Consider:
>
> <Location "/slash/foo">
> ...
> </Location>
>
> vs.
>
> <LocationMatch "^/slash/foo">
> ...
> </LocationMatch>
>
>
> These do not behave the same if multiple slashes are used. The leading
> slashes are always coalesced, so "^/..." is fine; however, any intermediate
> slashes are not. So, in order for the LocationMatch directive above to behave
> the same as the Location, it has to be specified as "^/slash/+foo". Like I
> said, I have always accounted for this in my regexps, but it doesn't seem
> "right". Should the URL be normalized before being passed to regex-matching
> directives, or is there a specific reason that is not done?
>
> +-------------------+--------------+--------------+--------------+
> | Path | Non-Regex | *Match, | *Match, |
> | | Directive: | RewriteRule: | RewriteRule: |
> | | /slash/foo | ^/slash/foo | ^/slash/+foo |
> +-------------------+--------------+--------------+--------------+
> | /slash/foo | Match | Match | Match |
> +-------------------+--------------+--------------+--------------+
> | ////slash/foo | Match | Match | Match |
> +-------------------+--------------+--------------+--------------+
> | /slash///foo | Match | XXX | Match |
> +-------------------+--------------+--------------+--------------+
> | ////slash///foo// | Match | XXX | Match |
> +-------------------+--------------+--------------+--------------+
>
