Merge r728015, r728220, r728020 from trunk:

covener · covener · commit 73387a618761 · 2009-01-31T20:41:58.000Z
*) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome way that per-directory rewrites append the previous notion of PATH_INFO to each substitution before evaluating subsequent rules. PR38642 [Eric Covener] axe r->path_info in a more standard way, suggested by Aleksander Budzynowski doc typo spotted by Vincent Bray Submitted By: Eric Covner Reviewed by: jorton, pgolluci git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@739600 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,11 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.12
 
+ *) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
+    way that per-directory rewrites append the previous notion of PATH_INFO
+    to each substitution before evaluating subsequent rules. 
+    PR38642 [Eric Covener]
+
   *) mod_authnz_ldap: Reduce number of initialization debug messages and make
      information more clear. PR 46342 [Dan Poirier]
 
diff --git a/STATUS b/STATUS
@@ -86,26 +86,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  * mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
-    way that per-directory rewrites append the previous notion of PATH_INFO
-    to each substitution before evaluating subsequent rules.
-    PR38642
-      trunk:
-        http://svn.apache.org/viewvc?rev=728015&view=rev
-        http://svn.apache.org/viewvc?rev=728220&view=rev
-        http://svn.apache.org/viewvc?rev=728020&view=rev (doc typo)
-      2.2.x:
-        trunk works
-    +1 covener, jorton, pgollucci
-    niq: Confused by this.  path_info is used at line 3923 *before*
-         being set to NULL at line 4046 in the same function.  Not
-         sure if there may be other issues of order.
-    covener: 1 rule is executed between these two lines, and the flag
-             prevents subsequent rules from spilling path_info back into
-             the local URI.  This preserves rulesets that are carefully
-             watching %{PATH_INFO} in their substitutions.  Not pretty
-             by any means but I think necessary to require opt-in for 2.2.x.
-
  * mod_ssl: Add SSLRenegBufferSize to configure the amount of memory that will
    be used for buffering the request body if a per-location SSL renegotiationi
    is required due to changed access control requirements.
diff --git a/docs/manual/mod/mod_rewrite.html.en b/docs/manual/mod/mod_rewrite.html.en
@@ -1240,6 +1240,33 @@ cannot use <code>$N</code> in the substitution string!
         <code>HttpOnly</code> flag is used, making the cookie not accessible
         to JavaScript code on browsers that support this feature.</dd>
 
+        <dt>'<code>discardpathinfo|DPI'
+        (discard PATH_INFO)</code></dt><dd>
+        <p>In per-directory context, the URI each <code class="directive">RewriteRule</code>
+        compares against is the concatenation of the current values of the URI 
+        and PATH_INFO.</p>  
+
+        <p>The current URI can be the initial URI as requested by the client, the
+        result of a previous round of mod_rewrite processing, or the result of
+        a prior rule in the current round of mod_rewrite processing.</p>
+
+        <p>In contrast, the PATH_INFO that is appended to the URI before each 
+        rule reflects only the value of PATH_INFO before this round of 
+        mod_rewrite processing. As a consequence, if large portions
+        of the URI are matched and copied into a substitution in multiple
+        <code class="directive">RewriteRule</code> directives, without regard for
+        which parts of the URI came from the current PATH_INFO, the final 
+        URI may have multiple copies of PATH_INFO appended to it.</p>
+
+        <p>Use this flag on any substitution where the PATH_INFO that resulted
+        from the previous mapping of this request to the filesystem is not of 
+        interest.  This flag permanently forgets the PATH_INFO established 
+        before this round of mod_rewrite processing began. PATH_INFO will 
+        not be recalculated until the current round of mod_rewrite processing
+        completes.  Subsequent rules during this round of processing will see 
+        only the direct result of substitutions, without any PATH_INFO 
+        appended.</p></dd>
+
         <dt>
         '<code>env|E=</code><em>VAR</em>:<em>VAL</em>'
         (set environment variable)</dt><dd>
diff --git a/docs/manual/mod/mod_rewrite.xml b/docs/manual/mod/mod_rewrite.xml
@@ -1255,6 +1255,33 @@ cannot use <code>$N</code> in the substitution string!
         <code>HttpOnly</code> flag is used, making the cookie not accessible
         to JavaScript code on browsers that support this feature.</dd>
 
+        <dt>'<code>discardpathinfo|DPI'
+        (discard PATH_INFO)</code></dt><dd>
+        <p>In per-directory context, the URI each <directive>RewriteRule</directive>
+        compares against is the concatenation of the current values of the URI 
+        and PATH_INFO.</p>  
+
+        <p>The current URI can be the initial URI as requested by the client, the
+        result of a previous round of mod_rewrite processing, or the result of
+        a prior rule in the current round of mod_rewrite processing.</p>
+
+        <p>In contrast, the PATH_INFO that is appended to the URI before each 
+        rule reflects only the value of PATH_INFO before this round of 
+        mod_rewrite processing. As a consequence, if large portions
+        of the URI are matched and copied into a substitution in multiple
+        <directive>RewriteRule</directive> directives, without regard for
+        which parts of the URI came from the current PATH_INFO, the final 
+        URI may have multiple copies of PATH_INFO appended to it.</p>
+
+        <p>Use this flag on any substitution where the PATH_INFO that resulted
+        from the previous mapping of this request to the filesystem is not of 
+        interest.  This flag permanently forgets the PATH_INFO established 
+        before this round of mod_rewrite processing began. PATH_INFO will 
+        not be recalculated until the current round of mod_rewrite processing
+        completes.  Subsequent rules during this round of processing will see 
+        only the direct result of substitutions, without any PATH_INFO 
+        appended.</p></dd>
+
         <dt>
         '<code>env|E=</code><em>VAR</em>:<em>VAL</em>'
         (set environment variable)</dt><dd>
diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
@@ -147,6 +147,7 @@
 #define RULEFLAG_NOSUB              1<<12
 #define RULEFLAG_STATUS             1<<13
 #define RULEFLAG_ESCAPEBACKREF      1<<14
+#define RULEFLAG_DISCARDPATHINFO    1<<15
 
 /* return code of the rewrite rule
  * the result may be escaped - or not
@@ -3281,7 +3282,12 @@ static const char *cmd_rewriterule_setflag(apr_pool_t *p, void *_cfg,
             ++error;
         }
         break;
-
+    case 'd':
+    case 'D':
+        if (!*key || !strcasecmp(key, "PI") || !strcasecmp(key,"iscardpath")) {       
+            cfg->flags |= (RULEFLAG_DISCARDPATHINFO);
+        } 
+        break;
     case 'e':
     case 'E':
         if (!*key || !strcasecmp(key, "nv")) {             /* env */
@@ -3337,7 +3343,6 @@ static const char *cmd_rewriterule_setflag(apr_pool_t *p, void *_cfg,
             ++error;
         }
         break;
-
     case 'l':
     case 'L':
         if (!*key || !strcasecmp(key, "ast")) {            /* last */
@@ -3889,6 +3894,11 @@ static int apply_rewrite_rule(rewriterule_entry *p, rewrite_ctx *ctx)
 
     /* Now adjust API's knowledge about r->filename and r->args */
     r->filename = newuri;
+
+    if (ctx->perdir && (p->flags & RULEFLAG_DISCARDPATHINFO)) {
+        r->path_info = NULL; 
+    }
+
     splitout_queryargs(r, p->flags & RULEFLAG_QSAPPEND);
 
     /* Add the previously stripped per-directory location prefix, unless
