Re: [mod-security-users] using mod_security2: a. with proxy requests and b. instead of mod_rewrite
Brought to you by:
victorhora,
zimmerletw
From: Christian B. <ch...@jw...> - 2011-05-23 12:51:32
|
Hi Stefan! Am 23.05.2011 um 14:20 schrieb Stock, Stefan: > So I already tried what you suggested here, which brought me one step closer. > However, the "?" is still not handled right (it's interpreted as "%3F" for some reason). ... > @Chris: I have tried both single and double quotes, eg proxy:'http://xxx' and "proxy:http://" > Both lead to the same result, eg "?" is not handled right (or the way I expect it to be handled). > > This is sort of driving me nuts. > Any ideas? I just talked to Josh and we believe that it's a bug within ModSecurity. You could always use the variable REQUEST_URI_RAW, which AFAIK includes the unparsed query string. But that's just a quick guess... Another option would be, to use mod-rewrite again: SecAction phase:1,pass,setenv:target_uri=%{REQUEST_URI} SecAction phase:1,pass,setenv:target_qs=%{QUERY_STRING} RewriteCond %{ENV:TARGET_URI} !^$ RewriteRule (.*) http://sonbisapp1vt:6260/%{ENV:TARGET_URI}?%{ENV:TARGET_QS} Perhaps special care needs to be taken in the rewrite with the ? being escaped by \? I don't have time to test this, right now. Chris |