[04:32] <frickler> there's a regression in the latest apache2 updates at least for focal and impish. a request for e.g. /path/xyz gets passed to an uwsgi backend as /pat//xyz
[05:02] <frickler> or to be more precise, I get SCRIPT_NAME="/pat" instead of "/path" and PATH_INFO="//abc" instead of "/abc"
[05:13] <frickler> I hope this is enough to reproduce https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1945274
[05:20] <sbeattie> frickler: thanks.
[05:31] <frickler> so the culprit seems to be CVE-2021-36160.patch , if I build the focal version without that patch, the issue is resolved
[05:45] <sbeattie> yeah, that was the likely candidate.
[06:09] <frickler> so ... we are using this ProxyPass statement: ProxyPass "/placement" "unix:/var/run/uwsgi/placement-api.socket|uwsgi://uwsgi-uds-placement-api/" retry=0
[06:10] <frickler> if I remove the trailing / in the uwsgi:// path, things get back to work. not sure if that's actually a bug in our deployment that was just uncovered by the CVE fix
[06:10] <frickler> it also only affects some apps, not everything
[06:18] <amurray> since there is no trailing / on "/placement" then I don't think there should be one on the uwsgi:// URI either
[06:21] <amurray> see https://httpd.apache.org/docs/trunk/mod/mod_proxy.html#proxypass -  "If the first argument ends with a trailing /, the second argument should also end with a trailing /, and vice versa. Otherwise, the resulting requests to the backend may miss some needed slashes and do not deliver the expected results."