You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What steps will reproduce the problem?
1. Create a personal repository (I forked an existing repository)
2. Access the personal repository directly via the HTTP connector, notice this works
3. Access the personal repository via an Apache mod_proxy setup, notice that this fails
What is the expected output? What do you see instead?
The URL produced by gitblit appears to have URI encoded the slash between ~user and
the repository name.
e.g.:
~/user%2Frepo.git Succeeds direct to gitblit, fails via Apache
~/user/repo.git Fails direct and via Apache
The error message from Apache when accessing ~/user%2Frepo.git reports ~/user/repo.git
as not being found, indicating it is decoding the %2F prior to passing it on.
What version of the product are you using? On what operating system?
Gitblit GO 1.2.1 ...
Please provide any additional information below.
URI encoded URI parts (e.g. / to %2F) are problematic for many web servers and proxy
agents (e.g. mod_jk etc.), and many will aggressively decode or block such URIs to
combat URI traversal attacks. Avoiding them would be a good idea.
Reported by ultradodge on 2013-01-31 21:18:59
The text was updated successfully, but these errors were encountered:
Originally reported on Google Code with ID 193
Reported by
ultradodge
on 2013-01-31 21:18:59The text was updated successfully, but these errors were encountered: