From ca0637eb1e69b62091f3b43882f146761308c364 Mon Sep 17 00:00:00 2001
From: revolyssup <ashishjaitiwari15112000@gmail.com>
Date: Tue, 11 Jul 2023 11:00:26 +0530
Subject: [PATCH 1/5] fix: support regex_uri with unsafe_uri in proxy-rewrite

Signed-off-by: revolyssup <ashishjaitiwari15112000@gmail.com>
---
 apisix/plugins/proxy-rewrite.lua | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/apisix/plugins/proxy-rewrite.lua b/apisix/plugins/proxy-rewrite.lua
index 0766463fb14e..06eecd792e8d 100644
--- a/apisix/plugins/proxy-rewrite.lua
+++ b/apisix/plugins/proxy-rewrite.lua
@@ -279,7 +279,8 @@ function _M.rewrite(conf, ctx)
     local separator_escaped = false
     if conf.use_real_request_uri_unsafe then
         upstream_uri = ctx.var.real_request_uri
-    elseif conf.uri ~= nil then
+    end
+    if conf.uri ~= nil then
         separator_escaped = true
         upstream_uri = core.utils.resolve_var(conf.uri, ctx.var, escape_separator)
     elseif conf.regex_uri ~= nil then
@@ -345,8 +346,22 @@ function _M.rewrite(conf, ctx)
         else
             ctx.var.upstream_uri = upstream_uri
         end
+    else
+        ctx.var.upstream_uri = upstream_uri
     end
 
+    if conf.use_real_request_uri_unsafe and conf.regex_uri then
+        local index
+        if separator_escaped then
+            index = str_find(upstream_uri,"?")
+        end
+        if index then
+            upstream_uri = sub_str(upstream_uri, 1, index - 1)
+                           ..sub_str(upstream_uri,index)
+        end
+        req_set_uri(upstream_uri)
+        ctx.var.upstream_uri = upstream_uri
+    end
     if conf.headers then
         local hdr_op, err = core.lrucache.plugin_ctx(lrucache, ctx, nil,
                                     create_header_operation, conf.headers)

From 4e98bbe0b6be5f1b90dd7a7b331fdeaca8fd6712 Mon Sep 17 00:00:00 2001
From: revolyssup <ashishjaitiwari15112000@gmail.com>
Date: Tue, 11 Jul 2023 11:42:14 +0530
Subject: [PATCH 2/5] add test case

Signed-off-by: revolyssup <ashishjaitiwari15112000@gmail.com>
---
 apisix/plugins/proxy-rewrite.lua |  1 -
 t/plugin/proxy-rewrite3.t        | 58 ++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+), 1 deletion(-)

diff --git a/apisix/plugins/proxy-rewrite.lua b/apisix/plugins/proxy-rewrite.lua
index 06eecd792e8d..5bceb7649d40 100644
--- a/apisix/plugins/proxy-rewrite.lua
+++ b/apisix/plugins/proxy-rewrite.lua
@@ -359,7 +359,6 @@ function _M.rewrite(conf, ctx)
             upstream_uri = sub_str(upstream_uri, 1, index - 1)
                            ..sub_str(upstream_uri,index)
         end
-        req_set_uri(upstream_uri)
         ctx.var.upstream_uri = upstream_uri
     end
     if conf.headers then
diff --git a/t/plugin/proxy-rewrite3.t b/t/plugin/proxy-rewrite3.t
index 98f27de74177..4605ab327cc4 100644
--- a/t/plugin/proxy-rewrite3.t
+++ b/t/plugin/proxy-rewrite3.t
@@ -942,3 +942,61 @@ GET /test/plugin/proxy/rewrite/world HTTP/1.1
     }
 --- response_body
 /world/plugin_proxy_rewrite
+
+
+
+=== TEST 40: use regex uri with unsafe allowed
+--- config
+    location /t {
+        content_by_lua_block {
+            local t = require("lib.test_admin").test
+            local code, body = t('/apisix/admin/routes/1',
+                ngx.HTTP_PUT,
+                [[{
+                      "plugins": {
+                          "proxy-rewrite": {
+                              "regex_uri": [
+                                  "/hello/(.+)",
+                                  "/hello?unsafe_variable=$1"
+                              ],
+                              "use_real_request_uri_unsafe": true
+                           }
+                        },
+                      "upstream": {
+                          "nodes": {
+                              "127.0.0.1:8125": 1
+                          },
+                          "type": "roundrobin"
+                      },
+                      "uri": "/hello/*"
+                 }]]
+                 )
+
+            if code >= 300 then
+                ngx.status = code
+            end
+            ngx.say(body)
+        }
+    }
+--- request
+GET /t
+--- response_body
+passed
+
+
+
+=== TEST 41: hit
+--- request
+GET /hello/%ED%85%8C%EC%8A%A4%ED%8A%B8 HTTP/1.1
+--- http_config
+    server {
+        listen 8125;
+        location / {
+            content_by_lua_block {
+                ngx.say(ngx.var.request_uri)
+            }
+        }
+    }
+--- response_body
+/hello?unsafe_variable=%ED%85%8C%EC%8A%A4%ED%8A%B8
+

From 4c295dc92e7324475fed0684389f5c6df76fbb6b Mon Sep 17 00:00:00 2001
From: revolyssup <ashishjaitiwari15112000@gmail.com>
Date: Tue, 11 Jul 2023 14:19:50 +0530
Subject: [PATCH 3/5] fix lint issue

Signed-off-by: revolyssup <ashishjaitiwari15112000@gmail.com>
---
 t/plugin/proxy-rewrite3.t | 1 -
 1 file changed, 1 deletion(-)

diff --git a/t/plugin/proxy-rewrite3.t b/t/plugin/proxy-rewrite3.t
index 4605ab327cc4..55afe14cc738 100644
--- a/t/plugin/proxy-rewrite3.t
+++ b/t/plugin/proxy-rewrite3.t
@@ -999,4 +999,3 @@ GET /hello/%ED%85%8C%EC%8A%A4%ED%8A%B8 HTTP/1.1
     }
 --- response_body
 /hello?unsafe_variable=%ED%85%8C%EC%8A%A4%ED%8A%B8
-

From bf1811643d19e53168b3fadc63f51190bb8dfc67 Mon Sep 17 00:00:00 2001
From: revolyssup <ashishjaitiwari15112000@gmail.com>
Date: Thu, 13 Jul 2023 21:47:46 +0530
Subject: [PATCH 4/5] remove redundant logic

Signed-off-by: revolyssup <ashishjaitiwari15112000@gmail.com>
---
 apisix/plugins/proxy-rewrite.lua | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/apisix/plugins/proxy-rewrite.lua b/apisix/plugins/proxy-rewrite.lua
index 5bceb7649d40..f7c3cd51e5b5 100644
--- a/apisix/plugins/proxy-rewrite.lua
+++ b/apisix/plugins/proxy-rewrite.lua
@@ -350,17 +350,6 @@ function _M.rewrite(conf, ctx)
         ctx.var.upstream_uri = upstream_uri
     end
 
-    if conf.use_real_request_uri_unsafe and conf.regex_uri then
-        local index
-        if separator_escaped then
-            index = str_find(upstream_uri,"?")
-        end
-        if index then
-            upstream_uri = sub_str(upstream_uri, 1, index - 1)
-                           ..sub_str(upstream_uri,index)
-        end
-        ctx.var.upstream_uri = upstream_uri
-    end
     if conf.headers then
         local hdr_op, err = core.lrucache.plugin_ctx(lrucache, ctx, nil,
                                     create_header_operation, conf.headers)

From 121d40a2c5f9e678649dc7e5b102cdda54efbe9a Mon Sep 17 00:00:00 2001
From: Ashish Tiwari <ashishjaitiwari15112000@gmail.com>
Date: Fri, 14 Jul 2023 09:17:00 +0530
Subject: [PATCH 5/5] add space

Signed-off-by: Ashish Tiwari <ashishjaitiwari15112000@gmail.com>
---
 apisix/plugins/proxy-rewrite.lua | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/apisix/plugins/proxy-rewrite.lua b/apisix/plugins/proxy-rewrite.lua
index 5bceb7649d40..be7e47547e62 100644
--- a/apisix/plugins/proxy-rewrite.lua
+++ b/apisix/plugins/proxy-rewrite.lua
@@ -280,9 +280,11 @@ function _M.rewrite(conf, ctx)
     if conf.use_real_request_uri_unsafe then
         upstream_uri = ctx.var.real_request_uri
     end
+
     if conf.uri ~= nil then
         separator_escaped = true
         upstream_uri = core.utils.resolve_var(conf.uri, ctx.var, escape_separator)
+
     elseif conf.regex_uri ~= nil then
         if not str_find(upstream_uri, "?") then
             separator_escaped = true