http not found issue when url have % symbol

It showing lot of urls as 404 not found. Of course there is badly formed querystring in the url.

http://www.example.com/ref=http%3A%2F%2Fwww.example.org/

Bbove url is failing to reach .htaccess verification.

RewriteRule ^(.*)$ index.php?request_url=$1 [QSA,L]

If that开发者_运维问答 url reach/passthrough the above .htaccess rule, I can simply add R=301, but that url does not reach/passingthrough that .htaccess rule and shows 404 error.

it wont work because the urls are encoded and will be decoded as (%2F for / and %5C for \) respectively. Apache has Security limitations for these kind of requests check these Urls for more info

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450

http://securitytracker.com/id/1018110 (Look at section 4. Solution)

To make it work either pass decoded request or enable AllowEncodedSlashes in apache config and restart the apache service

http://httpd.apache.org/docs/current/mod/core.html#allowencodedslashes