Trouble with rewrite module and uri_escape (and patch)

Daisuke_Murase_Styp · July 30, 2010, 12:03pm

Hi,

I have nginx/0.7.67 and a following rewrite setting:

rewrite ^/entry/(.*) /entry?title=$1;

When request uri contains %3b (escaped ;), it’s decoded like following:

Request: /entry/abc%3bdef
Result: /entry?title=abc;def

But %26 (escaped &) is not decoded:

Request: /entry/abc%26def
Result: /entry?title=abc%26def

At HTTP URI spec, ; should be treated as query separator equal to &
IMHO

I wrote quick fix for this:

gist.github.com

https://gist.github.com/typester/500097

nginx_uri_escape.diff

diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c
index 9068bd9..e830ad5 100644
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -1283,7 +1283,7 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
         0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
 
                     /* ?>=< ;:98 7654 3210  /.-, +*)( '&%$ #"!  */
-        0x80000869, /* 1000 0000 0000 0000  0000 1000 0110 1001 */
+        0x88000869, /* 1000 1000 0000 0000  0000 1000 0110 1001 */

This file has been truncated. show original

I don’t know this is correct way, but I want to fix this problem.
Review this please.

Regards,

–
Daisuke Murase (typester)

Daisuke_Murase_Styp · July 30, 2010, 3:27pm

On Fri, Jul 30, 2010 at 07:01:42PM +0900, Daisuke Murase (typester)
wrote:

I don’t know this is correct way, but I want to fix this problem.
Review this please.

You are right, thank you.

–
Igor S.
http://sysoev.ru/en/