1

Apache, receiving a request with an encoded semicolon (%3B) is decoding it before passing the request to a proxy (backend of Spring Tomcat).

Relevant apache Virtual host lines are:

ProxyPreserveHost on RequestHeader set X-Forwarded-Proto https ProxyPass / http://127.0.0.1:8081/ ProxyPassReverse / http://127.0.0.1:8081/

So for example when a request for URL like

http://testsite.com/page/%27+many+times%3B+the+valiant/author

Would be proxy forwarded as

http://testsite.com/page/%27+many+times/author

Is there something I can do to prevent apache from decoding that URL before forwarding it to proxy?

Perhaps relevant issue noted on apache.org/bugzilla

Improve this question
4
  • 1
    Try you with nocanon directive? Commented Sep 20, 2017 at 22:21
  • @FedericoSierra Sorry. Apache noob here. What's the syntax for that directive? Commented Sep 20, 2017 at 22:24
  • 1
    Eg: ProxyPass / http://127.0.0.1:8081/ nocanon Commented Sep 20, 2017 at 22:26
  • @FedericoSierra Can I buy you a beer? Worked. Many thanks. Commented Sep 20, 2017 at 22:32

1 Answer 1

Reset to default
4

mod_proxy canonicalise URLs passed to the backend. If you want suppress this behavior use nocanon keyword and this passes the URL path "raw" to the backend.

Eg:

ProxyPass / http://127.0.0.1:8081/ nocanon
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.