Access URL/filename having space | Apache | htaccess

Question

Root Folder Structure

Root .htaccess

Options -Indexes
Options +FollowSymLinks
Options +ExecCGI
AddHandler cgi-script .cgi .pl .py

RewriteEngine on
RewriteRule ^(.*)$ public/$1 [BCTLS]

php_value file_uploads 1
php_value memory_limit 1024M
php_value post_max_size 1024M
php_value upload_max_filesize 1024M

Inside "public" folder

.htaccess in public folder

Options -Indexes

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-s 
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_URI} !=/robots.txt
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ ?q=$1 [QSA,L]

My Problem

I cannot access the file p 1.jpg like:

http://example.local/p%201.jpg

but it works if I change as follows

http://example.local/public/p%201.jpg

Also if a p.jpg is there, I can access http://example.local/p.jpg - without any issue.

"I cannot access the file...." - What response are you getting? — MrWhite, May 12 '23 at 20:37
Forbidden You don't have permission to access this resource. — RethNath, May 12 '23 at 22:49
From your example, presumably `/public/p 1.jpg` (with a _space_) exists as a physical file? What version of Apache you are using? With your 2nd rewrite (in the `public` folder), what is the actual file that handles the request? — MrWhite, May 13 '23 at 00:34
Your "file structure" also seemingly shows only `p 1`, not `p 1.jpg`? — MrWhite, May 13 '23 at 00:42

score 1 · Answer 1 · answered May 12 '23 at 19:04

1

This appears to be problem:

RewriteRule ^(.*)$ public/$1 [BCTLS]

Due to presence of BCTLS flag that only escapes control characters and the space character.

It appears from your examples that you want to handle all the URLs as you receive from client hence you can just use:

RewriteRule .* public/$0 [L]

answered May 12 '23 at 19:04

anubhava

761,203
64
569
643

It works for the example. But unfortunately it does not works for my whole work like as follows: I can access my MVC PHP application with the URL http://example.local/ws/getPost/mmm but NOT with as follows http://example.local/ws/getPost/mm%20m Even if BOTH URLs are VALID the second ONE shows Forbidden You don't have permission to access this resource. – RethNath May 12 '23 at 23:08
1

@RethNath That would seem to be a different issue than the example you posted in the question. Since `/public/ws/getPost/mm m` does not map to a physical file it then invokes the rule in the second `/public/.htaccess` file that further rewrites the request to your "MVC PHP application". You may need to add the `B` flag to this second rule, as mentioned in [my answer](https://stackoverflow.com/a/76239790/369434). – MrWhite May 13 '23 at 01:10

MrWhite · Accepted Answer · 2023-05-13T01:19:43.520

From comments...

I can access my MVC PHP application with the URL example.local/ws/getPost/mmm but NOT with as follows example.local/ws/getPost/mm%20m Even if BOTH URLs are VALID the second ONE shows Forbidden

This is a different issue to the one you posted as an example in your question. In your question, p 1.jpg (presumably) ends up mapping directly to a physical file after the first rewrite (ie. /public/p 1.jpg).

However, in this second example the URL is further rewritten by the rule (below) in the /public/.htaccess file, since it does not map to a physical file:

:
RewriteRule ^(.*)$ ?q=$1 [QSA,L]

Try adding the B flag (or perhaps BCTLS if on Apache 2.4.57+) to re-encode the space in the backreference (captured URL-path) when passed to the query string. (The URL-path that the RewriteRule pattern matches against is URL-decoded.)

You should also be rewriting directly to the file that handles the request (eg. index.php?). Currently you are relying on the DirectoryIndex (which requires an additional subrequest), and which has not been explicitly defined here, so it is not clear to other devs what the intention is.

For example:

:
RewriteRule (.*) index.php?q=$1 [B,QSA,L]

(I initially assumed index.py because of the AddHandler directive in the parent .htaccess file, but from your later comment it would seem this is a "PHP application".)

Further reference:

AH10411 error: Managing spaces and %20 in apache mod_rewrite

score 0 · Answer 3 · answered May 13 '23 at 01:22

0

Thanks for all guys

I solved my whole issue by correcting the htaccess in the public folder as follows

RewriteRule ^(.*)$ ?q=$1 [BCTLS,L]

Using Apache 2.4.57

answered May 13 '23 at 01:22

RethNath

41
1
1
6

1

This is the same as what I suggested (and explained) in [my answer](https://stackoverflow.com/a/76239790/369434). However, the `B` flag is likely preferable here. (And you should be rewriting directly to the file that handles the request.) But both the suggestion in @anubhava's answer and this are presumably required to resolve this issue? Please consider upvoting (and accepting) answers you find helpful. Thanks, much appreciated :) – MrWhite May 13 '23 at 01:42

Access URL/filename having space | Apache | htaccess

Root Folder Structure

Inside "public" folder

My Problem

3 Answers3