Use ap_unescape_url_keep2f() in ap_expr unescape func. ap_unescape_url()

forbidding encoded slashes is not useful here.
Log failures.
Improve docs.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1151373 13f79535-47bb-0310-9956-ffa450edef68

docs/manual/expr.xml

@@ -436,8 +436,8 @@ listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"
     <tr><td><code>escape</code></td>
         <td>Escape special characters in %hex encoding</td><td></td></tr>
     <tr><td><code>unescape</code></td>
-        <td>Unescape %hex encoded string, leaving URL-special characters
-            encoded (XXX: describe better)</td><td></td></tr>
+        <td>Unescape %hex encoded string, leaving encoded slashes alone;
+            return empty string if %00 is found</td><td></td></tr>
     <tr><td><code>file</code></td>
         <td>Read contents from a file</td><td>yes</td></tr>
     <tr><td><code>filesize</code></td>

server/util_expr_eval.c

@@ -985,11 +985,14 @@ static const char *unescape_func(ap_expr_eval_ctx_t *ctx, const void *data,
                                  const char *arg)
 {
     char *result = apr_pstrdup(ctx->p, arg);
-    if (ap_unescape_url(result))
-        return "";
-    else
+    int ret = ap_unescape_url_keep2f(result, 0);
+    if (ret == OK)
         return result;
-
+    ap_log_rerror(LOG_MARK(ctx->info), APLOG_DEBUG, 0, ctx->r,
+                      "%s %% escape in unescape('%s') at %s:%d", 
+		      ret == HTTP_BAD_REQUEST ? "Bad" : "Forbidden", arg,
+		      ctx->info->filename, ctx->info->line_number);
+    return "";
 }
 
 static int op_nz(ap_expr_eval_ctx_t *ctx, const void *data, const char *arg)