diff options
author | Eric Covener <covener@apache.org> | 2023-04-11 21:36:55 +0000 |
---|---|---|
committer | Eric Covener <covener@apache.org> | 2023-04-11 21:36:55 +0000 |
commit | 87e2658c1c2441db68b827761c575a617532c85e (patch) | |
tree | 7bc12631b9f86225f83d335f601cadbb7b54795c | |
parent | 266f9b2b263c28a0629c0db3bd7b48ddfafda33c (diff) | |
download | httpd-87e2658c1c2441db68b827761c575a617532c85e.tar.gz |
PR66563: escaping of url releated server vars
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1909073 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | docs/manual/mod/mod_rewrite.xml | 9 | ||||
-rw-r--r-- | docs/manual/rewrite/flags.xml | 4 |
2 files changed, 11 insertions, 2 deletions
diff --git a/docs/manual/mod/mod_rewrite.xml b/docs/manual/mod/mod_rewrite.xml index dff26d97c2..793d75666d 100644 --- a/docs/manual/mod/mod_rewrite.xml +++ b/docs/manual/mod/mod_rewrite.xml @@ -661,7 +661,11 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3" <dd>The path component of the requested URI, such as "/index.html". This notably excludes the query string which is available as its own variable - named <code>QUERY_STRING</code>.</dd> + named <code>QUERY_STRING</code>. The value returned for + both <code>REQUEST_URI</code> and <code>QUERY_STRING</code> + has already been %-decoded, to re-encoded it pass it through + the "escape" <a href="#mapfunc">mapping-function</a>. + </dd> <dt><code>THE_REQUEST</code></dt> @@ -1333,7 +1337,8 @@ cannot use <code>$N</code> in the substitution string! <tr> <td>B</td> <td>Escape non-alphanumeric characters in backreferences <em>before</em> - applying the transformation. <em><a + applying the transformation. For similar escaping of server-variables, see + the "escape" <a href="#mapfunc">mapping-function</a>.<em><a href="../rewrite/flags.html#flag_b">details ...</a></em></td> </tr> <tr> diff --git a/docs/manual/rewrite/flags.xml b/docs/manual/rewrite/flags.xml index ea8b0ce3ad..c61d4229c3 100644 --- a/docs/manual/rewrite/flags.xml +++ b/docs/manual/rewrite/flags.xml @@ -76,6 +76,10 @@ so backreferences are unescaped at the time they are applied. Using the B flag, non-alphanumeric characters in backreferences will be escaped. For example, consider the rule:</p> +<p>For similar escaping of server-variables, see + the "escape" <a href="#mapfunc">mapping-function</a></p> + + <highlight language="config"> RewriteRule "^search/(.*)$" "/search.php?term=$1" </highlight> |