Date: Sun, 21 Mar 2004 11:00:05 -0800 (PST) From: Brian Szymanski <ski@indymedia.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/64544: mod_rewrite RewriteCond bug Message-ID: <200403211900.i2LJ05vE059184@www.freebsd.org> Resent-Message-ID: <200403211900.i2LJ0dPY017237@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 64544 >Category: ports >Synopsis: mod_rewrite RewriteCond bug >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Mar 21 11:00:39 PST 2004 >Closed-Date: >Last-Modified: >Originator: Brian Szymanski >Release: 4.9 >Organization: Indymedia >Environment: FreeBSD atotarho.wuhjuhbuh.afraid.org 4.9-STABLE FreeBSD 4.9-STABLE #0: Fri Feb 13 20:48:12 EST 2004 toor@atotarho.wuhjuhbuh.afraid.org:/usr/obj/usr/src/sys/ATOTARHO i386 >Description: Mod_rewrite: RewriteCond: ( Syntax: RewriteCond TestString CondPattern ) inconsistent expansion of environment variables in TestString depending on CondPattern. In particular, a CondPattern of ="" reveals different (and correct) results as compared to any other test. >How-To-Repeat: In httpd.conf: RewriteEngine on RewriteCond %{QUERY_STRING} PHPSESSID.+ RewriteRule ^.* whatever1 RewriteCond %{QUERY_STRING} ="" RewriteRule ^.* whatever2 Use a http client to pass in http://this_host/foobar.php?PHPSESSID=foo Look in rewrite.log and note that: ..RewriteCond: input='PHPSESSID=abc' pattern='=""' => not-matched ..RewriteCond: input='' pattern='PHPSESSID.+' => not-matched >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200403211900.i2LJ05vE059184>