Apache not forwarding URLs containing semicolon to Tomcat (AH00128: File does not exist)


We have Apache 2.4 fronting Tomcat via mod_jk.

When a request like "/abc/def/ghi/e380297.rhd" gets submitted, mod_rewrite prepends the web application context path "web", resulting in "/web/abc/def/ghi/e380297.rhd". Afterwards the request is correctly passed through to Tomcat.

But as soon as a semicolon is inserted in any of the path segments of the URL, e.g. "/abc/de;f/ghi/e380297.rhd", Apache does not pass the request to Tomcat but tries to look up the resource itself. As it does not exist (AH00128: File does not exist), it will return a 404.

mod_rewrite.c(475): [client 10.129.76.100:64002] 10.129.76.100 - - [x/sid#15e65d8][rid#405d670/initial] init rewrite engine with requested uri /abc/de;f/ghi/e380297.rhd
mod_rewrite.c(475): [client 10.129.76.100:64002] 10.129.76.100 - - [x/sid#15e65d8][rid#405d670/initial] applying pattern '^/(.*)' to uri '/abc/de;f/ghi/e380297.rhd'
mod_rewrite.c(475): [client 10.129.76.100:64002] 10.129.76.100 - - [x/sid#15e65d8][rid#405d670/initial] RewriteCond: input='/abc/de;f/ghi/e380297.rhd' pattern='!^/web/.*$' => matched
mod_rewrite.c(475): [client 10.129.76.100:64002] 10.129.76.100 - - [x/sid#15e65d8][rid#405d670/initial] RewriteCond: input='/abc/de;f/ghi/e380297.rhd' pattern='!^/content/.*$' => matched
mod_rewrite.c(475): [client 10.129.76.100:64002] 10.129.76.100 - - [x/sid#15e65d8][rid#405d670/initial] rewrite '/abc/de;f/ghi/e380297.rhd' -> '/web/abc/de;f/ghi/e380297.rhd'
mod_rewrite.c(475): [client 10.129.76.100:64002] 10.129.76.100 - - [x/sid#15e65d8][rid#405d670/initial] forcing '/web/abc/de;f/ghi/e380297.rhd' to get passed through to next API URI-to-filename handler
 mod_authz_core.c(802): [client 10.129.76.100:64002] AH01626: authorization result of Require all granted: granted
 mod_authz_core.c(802): [client 10.129.76.100:64002] AH01626: authorization result of <RequireAny>: granted
request.c(238): [client 10.129.76.100:64002] request authorized without authentication by access_checker_ex hook: /web/abc/de;f/ghi/e380297.rhd
client 10.129.76.100:64002] AH00128: File does not exist: /xxx/webroot/webapps/web/abc/de;f/ghi/e380297.rhd
...
http_filters.c(1008): [client 10.129.76.100:64002] Response sent with status 404, headers:

Why does Apache behave like this and what can I do to rectify this?

EDIT:

I looked at the mod_jk log file and I found:

[debug] jk_map_to_storage::mod_jk.c (3798): no match for /web/abc/de;f/ghi/e380297.rhd found

So it looks as if Apache is passing the request through to mod_jk but mod_jk does not find a mapping, which is strange to me, as we have a mount defined:

JkMount /*.rhd ajp13

Even more interesting: when I use the following URL

/abc/de.rhd;f/ghi/e380297.rhd

the request is passed to Tomcat.

So mod_jk correctly regards the semicolon as the start of a path parameter (see http://doriantaylor.com/policy/http-url-path-parameter-syntax), but the next "/" does not start the next path segment for mod_jk (not sure if this is correct or incorrect), so it never sees that the URL ends in the mounted extension ".rhd".
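
The behaviour described in the question can be reproduced with a small model. This is an added example, not part of the original question and not mod_jk's source: the function names are hypothetical, `fnmatchcase` stands in for the JkMount wildcard match, and the third URI is shown with the "/web" prefix that mod_rewrite adds.

```python
from fnmatch import fnmatchcase

MOUNT = "/*.rhd"  # pattern from the question's JkMount line


def cut_at_first_semicolon(path: str) -> str:
    """Model A (the asker's hypothesis): everything from the first ';'
    to the end of the URI is treated as the path parameter."""
    return path.split(";", 1)[0]


def strip_params_per_segment(path: str) -> str:
    """Model B (RFC 3986, section 3.3): a ';' parameter belongs to one
    segment only and ends at the next '/'."""
    return "/".join(seg.split(";", 1)[0] for seg in path.split("/"))


def mount_matches(path: str, normalise) -> bool:
    # Assumption: as with fnmatch, '*' in the mount pattern also matches '/'.
    return fnmatchcase(normalise(path), MOUNT)


def interpretations_differ(path: str) -> bool:
    """True when the two models resolve the URI to different paths, i.e.
    a front end and a back end could disagree about which resource
    the request names."""
    return cut_at_first_semicolon(path) != strip_params_per_segment(path)


# The three request URIs from the question, after the mod_rewrite step.
URIS = [
    "/web/abc/def/ghi/e380297.rhd",
    "/web/abc/de;f/ghi/e380297.rhd",
    "/web/abc/de.rhd;f/ghi/e380297.rhd",
]


def report():
    """Per URI: (uri, matches under model A, matches under model B, differ)."""
    return [
        (u,
         mount_matches(u, cut_at_first_semicolon),
         mount_matches(u, strip_params_per_segment),
         interpretations_differ(u))
        for u in URIS
    ]


if __name__ == "__main__":
    for uri, a, b, differ in report():
        print(f"{uri:40} A={a!s:5} B={b!s:5} differ={differ}")
```

Model A matches the first and third URIs but not the second, which is the pattern the question reports; under model B all three would match. A URI for which `interpretations_differ` is true is one to log or reject at the front end, because the proxy and the servlet container may apply their mapping and access rules to different paths.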
