Incorrect handling of "%2b" in rewrite directive

Dmitry Petrov dmitry.petroff at gmail.com
Wed Oct 9 14:54:08 UTC 2013


Hi.

To perform rewrite, nginx does ngx_unescape_uri and then ngx_escape_uri to
pass request to backend. There is a problem with this functions: they both
can't handler "+" propertly: ngx_escape_uri does not escape «+» character

So when there is «%2b» sequence in rewrite command, it will be passed to
backend as «+» where it SHOULD be interpreted as space character.
I've attached a small patch that solved a problem for me.

For testing I used
location /foo {
  rewrite (.*) $1 break;
  proxy_pass http://localhost:1234;
}
+ while true; do nc -l -p 1234; done — to watch what is really send to
backend by nginx.

-- 
Regards,
Dmitry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20131009/ea8633fb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: uri-escape.patch
Type: application/octet-stream
Size: 880 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20131009/ea8633fb/attachment.obj>


More information about the nginx-devel mailing list