reverse proxy replaces square brackets in request
Maxim Dounin
mdounin at mdounin.ru
Fri Jul 13 19:50:26 UTC 2012
Hello!
On Fri, Jul 13, 2012 at 12:49:08PM +0200, Isaac Hailperin wrote:
> Hi,
>
> I have a redirect loop problem with a website that gets reversed
> proxied. It looks like the following is the cause (which I don't
> know how to solve)
>
> Inspecting the site with httpfox, the request my browser sends looks
> like this:
> https://www.acme.eu/acm/admin/gui_call.php?Object=admin@GuiAdminStartpage&Params[gui]=&action=&no_subtitle=1
>
> My nginx log tells me this:
> GET
> /acm/admin/gui_call.php?Object=admin at GuiAdminStartpage&Params%252525252525252525252525255bgui%252525252525252525252525255d=&action=&no_subtitle=1
> HTTP/1.1"
> HTTP/1.1" 301 486 "https://www.acme.eu/acm/ui/" "Mozilla/5.0 (X11;
> Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0.1"
>
> (This repeats over and over until firefox detects the loop)
>
> To me it looks like somehow nginx changes the square brackets around
> "gui" into "252525252525252525252525255b" and
> "252525252525252525252525255d" respectively. I assume that because
> the script gui_call.php gets wrong parameters, it redirects to
> /acm/ui. /acm/ui calls gui_call.php with wrong paramters, and so on.
>
> If my interpretation is correct, how can I stop this? If not, what
> is going on here?
The "GET ... HTTP/1.1" in nginx logs is what your browser sent to
nginx. Original request from browser likely had
"...Params=%5bgui%5d..." in it (which is ok as per RFC 3986 square
brackets must be escaped).
It's not clear why and where additional escaping of a "%"
character to "%25" happens, but likely in the same code which does
redirects, i.e. it's probably up to your php script.
Maxim Dounin
More information about the nginx
mailing list