On Oct 21, 2008, at 8:38 PM, Ashley wrote:
> This is an old bug I reported the first time about two years ago,
> IIRC. Short version REDIRECT_URL + PATH_INFO can cause paths to get
> squirrelly if there are regex chars, which URIs can legally have.
>
>> - $base_path =~ s/$ENV{PATH_INFO}$//;
>> + $base_path =~ s/\Q$ENV{PATH_INFO}\E$//;
Attached is an svn diff -- redirect_url_substitution.patch -- against
Catalyst-Runtime/5.70/trunk, r8571. It updates t/
live_engine_request_uri.t, lib/Catalyst/Engine/CGI.pm, and Changes.
I didn't try to apply it but I'd be glad to (try at least) if a core
dev reviews it, or modify it if anyone directs it. If someone would
rather 'patch -p0', tweak, and commit yourself (as it were), that's
fine too. :)
There is a related bug report from Chris Dolan outstanding -- http://
rt.cpan.org/Ticket/Display.html?id=24951 -- which can be closed if
the patch is applied.
-Ashley
--
By the way, if you are going to work with this, please run the full
tests first. Some are failing (for me) in r8571 so you should see
that before trying my patch and then seeing it and thinking the patch
is to blame.
> This is an old bug I reported the first time about two years ago,
> IIRC. Short version REDIRECT_URL + PATH_INFO can cause paths to get
> squirrelly if there are regex chars, which URIs can legally have.
>
>> - $base_path =~ s/$ENV{PATH_INFO}$//;
>> + $base_path =~ s/\Q$ENV{PATH_INFO}\E$//;
Attached is an svn diff -- redirect_url_substitution.patch -- against
Catalyst-Runtime/5.70/trunk, r8571. It updates t/
live_engine_request_uri.t, lib/Catalyst/Engine/CGI.pm, and Changes.
I didn't try to apply it but I'd be glad to (try at least) if a core
dev reviews it, or modify it if anyone directs it. If someone would
rather 'patch -p0', tweak, and commit yourself (as it were), that's
fine too. :)
There is a related bug report from Chris Dolan outstanding -- http://
rt.cpan.org/Ticket/Display.html?id=24951 -- which can be closed if
the patch is applied.
-Ashley
--
By the way, if you are going to work with this, please run the full
tests first. Some are failing (for me) in r8571 so you should see
that before trying my patch and then seeing it and thinking the patch
is to blame.