Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Cannot match %2F in mod_rewrite

Tags:

url-rewriting

mod-rewrite

apache2

I have a set of rewrite rules (in a .htaccess) something like this:

RewriteRule ^list/vendor/(.*)$ list.php?vendor=$1
RewriteRule ^list/product/(.*)$ list.php?product=$1
RewriteRule ^list/(.*)$ list.php?search=$1

(I don't think the first two are relevant to my question, though).

When I type in myserver.com/list/foo%2Cbar or even myserver.com/list/foo/bar, I get the results I expect: list.php is called with foo,bar and foo/bar in $_GET['search'].

But if I type in myserver.com/list/foo%2Fbar, it seems that the rule doesn't match! I get a 404 error instead. What can be going on here? Apache 2.2.14, if it matters.

(I tried in Firefox and Chrome, same results -- but it could be the browser acting up, of course).

like image 558
LHMathies Avatar asked Sep 25 '11 09:09

LHMathies

People also ask

Why does mod_rewrite only process rewrite rules for URL-paths?

When RewriteRule is used in VirtualHost or server context with version 2.2.22 or later of httpd, mod_rewrite will only process the rewrite rules if the request URI is a URL-path. This avoids some security issues where particular rules could allow "surprising" pattern expansions (see CVE-2011-3368 and CVE-2011-4317 ).

Does mod_rewrite allow too many matches?

However, this approach still allows too many matches. We’re storing our matches as atoms, and will be passing them to a query string, so we have to be able to trust what we match. Matching anything with (.*) is too much of a potential security hazard, and, when used inappropriately, could even cause mod_rewrite to get stuck in a loop!

How to enable mod_rewrite in Apache server?

In my ubuntu it's placed at /etc/apache2/sites-available/default): After that, you should enable mod_rewrite with this command: The last one, restart your apache service: To ensure that, you can check it again from phpinfo in Configuration > apache2handler > Loaded Modules there must be written mod_rewrite and it means mod_rewrite is enabled.

How do I use a rewrite rule?

A rewrite rule can be invoked in httpd.conf or in.htaccess. The path generated by a rewrite rule can include a query string, or can lead to internal sub-processing, external request redirection, or internal proxy throughput. Further details, discussion, and examples, are provided in the detailed mod_rewrite documentation.

1 Answers

Bah, I found it... Apache option AllowEncodedSlashes, which cannot be set per directory or from .htaccess, and which is Off by default.

Build-a-workaround time, if I can't get the hosting guys to turn it on in my virtual server.

like image 69
LHMathies Avatar answered Oct 21 '22 01:10

LHMathies
Sign in to Comment

Related questions

Add trailing slash to url
REQUEST_URI is not overridden by using APACHE RewriteRule?
Angular application indexed by Google
URL Rewriting OpenCart Products SEO
How to redirect to 404 when url is pointing to an existing folder (no trailing slash). HAproxy or mod-rewrite related
Laravel htaccess issue
Apache 2 mod_rewrite and PHP. Modify $_SERVER['REQUEST_URI'] value from htaccess?
htaccess Options +FollowSymLinks giving me 500 internal server error
Is there an alternative of RewriteRule / .htaccess for a Python http.server.HTTPServer?
Is it possible to use a mod_rewrite server variable inside a RewriteCond's CondPattern?
.htaccess [L] and [end] flags
Rerouting all http traffic to https with AWS ELB
stop .htaccess mod_rewrite in a directory
mod_rewrite rules logging "Config variable ${REQUEST_URI} is not defined" on every request
Unable to ignore mod_rewrite internal redirects with NS flag
Force https for entire server/domain
Rewriting a URL to a query string on Apache and Nginx
mod_rewrite in vhosts configuration
How to NOT match a word in mod_rewrite
Regex patterns in Apache RewriteCond and friends: full or partial match?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!