An open-ended .htaccess rewrite allows for anything to be put on the end of an URL, how bad is this?

Basically I'm working on a clients site and I've just realised that many of their re-write regex rules don't check the end of the URL, and in pretty much every case you can sling any junk on the end of an URL and it still returns ok for example:

• /article_23.html
• /article_23.htmlaijdasduahds
• /article_23.html.jpg

etc

This actually happens on about 4 different areas of the site, meaning that most of the sites pages are susceptible to this.

AFAIK everything is sanitised ok when it's being read for the ID etc, I pretty much know how 开发者_运维问答I am going to fix it, but what I want to know what are the main problems that are going to occur from this?

Additionally, what HTTP status should be returned? On one hand you'd think it should be a straight 404, but is it worth 301'ing to the right page if we can?

A 301 to the correct page will not be very harmful for the performance, but might lead a lot of users "to the right place". I have a client that is obsessed about that sort of thing, never leave any old valid URL without 301'ing to the new one (if there is a new one of course). He claims that this alone has allowed him to keep very good ranks in search engines and saved a lot of users the trouble of finding the right URL themselves. I believe that this helps a lot. Maybe if the site is relatively new it's not worth the effort and the overhead, but if it's not that new I'd do it.