22 lines
957 B
Diff
22 lines
957 B
Diff
diff --git a/mod_http2/mod_proxy_http2.c b/mod_http2/mod_proxy_http2.c
|
|
index 2208707..844653e 100644
|
|
--- a/mod_http2/mod_proxy_http2.c
|
|
+++ b/mod_http2/mod_proxy_http2.c
|
|
@@ -159,6 +159,16 @@ static int proxy_http2_canon(request_rec *r, char *url)
|
|
path = ap_proxy_canonenc(r->pool, url, (int)strlen(url),
|
|
enc_path, 0, r->proxyreq);
|
|
search = r->args;
|
|
+ if (search && *(ap_scan_vchar_obstext(search))) {
|
|
+ /*
|
|
+ * We have a raw control character or a ' ' in r->args.
|
|
+ * Correct encoding was missed.
|
|
+ */
|
|
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10412)
|
|
+ "To be forwarded query string contains control "
|
|
+ "characters or spaces");
|
|
+ return HTTP_FORBIDDEN;
|
|
+ }
|
|
}
|
|
break;
|
|
case PROXYREQ_PROXY:
|