I'm trying to pass a backslash as part of a query string argument.
The project uses a pretty simple url_rewriting method:
//.Htaccess
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php?arguments=$0 [NC,L]
Then receive $_GET['arguments'] with values separated by /
Ex.: blog/post/2/ will fill $_GET['arguments'] with: 'post/2/'
The problem is, when I try to pass something like test%5Cabc (url encoded for test\abc), the request returns a 404 error instead of passing it as an argument
I have no idea how to fix it. Thanks in advance.
The reason you get a 404 error is because by default, Apache has AllowEncodedSlashes turned off, and its behavior is to 404 any request containing a backslash. This is because having it turned on is a potential security hazard. In Apache 2.2.18 and later, there is a NoDecode setting which makes this a bit safer, and works well for your case.
Anyway I tried turning it on locally, and indeed this script:
<?php var_dump($_REQUEST); ?>
is able to handle urls like
http://localhost/this\is\a\test
and outputs
array(1) { ["arguments"]=> string(14) "this\is\a\test" }
However, it (or my browser) seems to have problems with encoded backslashes, converting them to regular backslashes - maybe that's not a problem. If you enable the B flag on your rewriterule, it will convert unencoded backslashes to encoded backslashes.