Tracker byug to ensure we don't break common configuration using RewriteRule See discussion on https://github.com/apache/httpd/commit/cab0bfbb2645bb8f689535e5e2834e2dbc23f5a5
http://www.mail-archive.com/dev@httpd.apache.org/msg67532.html
Following tests using "RewriteRule" options was found and their status was checked: Regression/mod_proxy_wstunnel-with-ssl/rewrite.conf:RewriteRule ^/wss-app.* wss://%%hostname%%:8443 [P] -- PASS Regression/bz1060536-mod_rewrite-doesn-t-expose-client_addr/bug1060536.conf: RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} -- PASS Regression/mod-rewrite-ssl-client-auth-lookup/httpd.conf: RewriteRule .* - [F] -- PASS Regression/bz517500-mod_rewrite-DPI/htaccess:RewriteRule ^foo-(.*) bar-$1 [DPI] -- PASS Regression/mod_rewrite-vs-mod_dir/bz1210091.conf: RewriteRule ^$ duck.html [L] -- PASS Regression/bz1343582-451-status-code/httpd.conf:RewriteRule ^/rhts-call-your-laywer - [R=451,L] -- PASS security/CVE-2006-3747/httpd.conf:RewriteRule ^/rhts-cve-3747-(.*) $1 -- PASS mod_cache/bug439842/runtest.sh:RewriteRule ^/cc\ dd /aa\ bb.html -- PASS Security/CVE-2011-3639-httpd-request-bypass-of-the-reverse-proxy/httpd.conf: RewriteRule (.*) http://127.0.0.2:80$1 [P] -- PASS Security/CVE-2013-1862-httpd-mod-rewrite-allows-terminal-escape/httpd.conf: RewriteRule ^path(.*) "http://127.0.0.1/ test/" -- PASS Security/CVE-2011-3368-httpd-reverse-web-proxy-vulnerability/httpd.conf: RewriteRule (.*) http://localhost$1 [P] -- PASS Conclusions All results PASSed therefore I assume this bug tracker as VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2017:1161