Rainer Jung wrote:
Before I answer, let me first ask a question: What's wrong withg my
suggestion? Or even better: use the encoding done with mod_proxy_ajp?
Because it doesn't solve the real problem.
Original URI:
/myapp/%252e%252e/otherapp/danger
JkMount /myapp/*
Apache httpd will correctly decode the URI to
/myapp/%2e%2e/otherapp/danger
mod_jk does map it *correctly* to /myapp and forwards it to Tomcat.
It does not IMO, and that's what I'm talking.
Inside mod_jk we should decode
/myapp/%2e%2e/otherapp/danger to
/myapp/../otherapp/danger
No, If the original URI was /myapp/%252e%252e/otherapp/danger, then it
is not correct to end up with /otherapp/danger as a decoded URL.
Yes, but it was already rewritten by apache to
/myapp/%2e%2e/otherapp/danger
If we send that to Tomcat because we mapped to /myapp/*
that it's a security breakage.
A percent sign is a valid character in a ressource path. If one wants to
use it in ressource paths, one needs to encode it ('%25'), and it is not
allowed to decode '%25XX' again after decoding to '%XX' once.
So %252e -> %2e and that's it, no further decoding. It is not a '.',
because it is decoded already.
Why do you think, that
/myapp/%252e%252e/otherapp/danger
is equivalent to
/myapp/../otherapp/danger ?
Because it is on the Tomcat side and it ends up
as /otherapp/danger.
Now, your suggestion would send an faulty uri for
something that shouldn't be passed by the mod_jk at
the first place, because *we know* how the uri will
be decoded on Tomcat.
Regards,
Mladen.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
