Strange behaviour of %27 encoding in rewrite

Thu Nov 15 15:55:41 UTC 2018

Hello!

On Wed, Nov 14, 2018 at 03:54:20PM +0100, aquilinux wrote:

> Hi all,
> i'm seeing a strange behaviour in nginx rewrite involving encoded urls for
> *%27*
> I have this type of rewrite:
> 
> rewrite "^/brands/l-oreal$"
> > https://somedomain.tld/L%27Or%C3%A9al-Paris/index.html? permanent;
> >
> 
> That translates to this:
> 
> 
> >  [~]> curl -kIL https://mydomain.tld/brands/l-oreal
> > HTTP/2 301
> > server: nginx
> > date: Wed, 14 Nov 2018 14:44:21 GMT
> > content-type: text/html
> > content-length: 178
> > *location: https://somedomain.tld/L'Or%C3%A9al-Paris/index.html
> > <https://somedomain.tld/L'Or%C3%A9al-Paris/index.html>*
> > strict-transport-security: max-age=15768000; includeSubDomains
> 
> 
>  If i change %27 to %20 i have:
> 
> [~]> curl -kIL https://mydomain.tld/brands/l-oreal
> > HTTP/2 301
> > server: nginx
> > date: Wed, 14 Nov 2018 14:31:09 GMT
> > content-type: text/html
> > content-length: 178
> > *location: https://somedomain.tld/L%20Or%C3%A9al-Paris/index.html
> > <https://somedomain.tld/L%20Or%C3%A9al-Paris/index.html>*
> > strict-transport-security: max-age=15768000; includeSubDomains
> 
> 
> as expected.
> 
> The same strange behaviour applies to *%2C*, that is decoded to "*,*"
> instead of being passed unencoded, as expected.
> This is driving me nuts, can anyone explain (or fix) this?

This is because both "'" and "," don't need to be escaped.

And, given that the rewrite directive operates on the internal URI 
representation, the replacement argument is unescaped by nginx, 
and then escaped again when returning a permantent redirect.  But 
it only escapes characters which need to be escaped.

If you want nginx to return a redirect exactly in the way you 
wrote it, please consider using the "return" directive instead, 
for example:

    location = /brands/l-oreal {
        return 301 https://somedomain.tld/L%27Or%C3%A9al-Paris/index.html;
    }

-- 
Maxim Dounin
http://mdounin.ru/