Item14381: Preserve URL encoding of the URI.

CGI / FCGI leave it encoded. Mod_perl decodes it.
foswiki · May 1, 2017 · cbe577e · cbe577e
1 parent b1517ff
commit cbe577e
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 6 deletions.
diff --git a/ModPerlEngineContrib/data/System/ModPerlEngineContrib.txt b/ModPerlEngineContrib/data/System/ModPerlEngineContrib.txt
@@ -1,4 +1,4 @@
-%META:TOPICINFO{author="ProjectContributor" date="1480188097" format="1.1" version="1"}%
+%META:TOPICINFO{author="ProjectContributor" date="1493597080" format="1.1" version="1"}%
 ---+!! !ModPerlEngineContrib
 <!--
 One line description, required for extensions repository catalog.
@@ -149,6 +149,7 @@ set in %USERSWEB%.SitePreferences, default taken from
 ---++ Info
 
 |  Change History: | <!-- versions below in reverse order -->&nbsp; |
+|  30 Apr 2017 (1.05) | Foswikitask:Item14381: Preserver URL Encoding of the Foswiki URI. |
 |  26 Nov 2016 (1.04) | Released with Foswiki 2.1.3. Old Apache 1.x modules have been removed from the DEPENDENCIES file. |
 |  08 Apr 2016 (1.03) | Foswikitask:Item14022 Change foswiki.org links to https. |
 |  16 Jan 2016 (1.02) | Foswikitask:Item13926 Fix backwards compatibility with Foswiki 1.1. |

diff --git a/ModPerlEngineContrib/lib/Foswiki/Contrib/ModPerlEngineContrib.pm b/ModPerlEngineContrib/lib/Foswiki/Contrib/ModPerlEngineContrib.pm
@@ -23,8 +23,8 @@ use strict;
 
 use vars qw( $VERSION $RELEASE $SHORTDESCRIPTION );
 
-$VERSION          = '1.04';
-$RELEASE          = '26 Nov 2016';
+$VERSION          = '1.05';
+$RELEASE          = '30 Apr 2017';
 $SHORTDESCRIPTION = 'Permits Foswiki to be executed under mod_perl';
 
 1;
diff --git a/ModPerlEngineContrib/lib/Foswiki/Engine/Apache.pm b/ModPerlEngineContrib/lib/Foswiki/Engine/Apache.pm
@@ -151,7 +151,9 @@ sub preparePath {
         $pathInfo = '/' . $action . $pathInfo;
     }
     $req->pathInfo($pathInfo);
-    my $uri = $this->{r}->uri;
+
+    #SMELL: CGI and FastCGI leave the URI encoded, mod_perl decodes it.
+    my $uri = Foswiki::urlEncode( $this->{r}->uri );
     my $qs  = $this->{r}->args;
     $uri .= '?' . $qs if $qs;
     $req->uri($uri);

diff --git a/core/lib/Foswiki.pm b/core/lib/Foswiki.pm
@@ -1105,8 +1105,9 @@ sub generateHTTPHeaders {
     # use our version of the content type
     $hopts->{'Content-Type'} = $contentType;
 
-    $hopts->{'X-FoswikiAction'} = $this->{request}->action;
-    $hopts->{'X-FoswikiURI'}    = $this->{request}->uri;
+    # These headers don't appear to be used, and can leak stuff.
+    $hopts->{'X-FoswikiAction'} = $this->{request}->action if DEBUG;
+    $hopts->{'X-FoswikiURI'}    = $this->{request}->uri    if DEBUG;
 
     # Turn off XSS protection in DEBUG so it doesn't mask problems
     $hopts->{'X-XSS-Protection'} = 0 if DEBUG;