How to get rid of annoying plus-signs in Drupal under nginx

[giza]

While using the nginx webserver with a Drupal installation I noticed something odd. Whenever I submitted a form (with the GET method) or clicked on a link that had a space in it, it would be converted to a plus sign in the URL. Actually, that's not the odd path--the web browser is doing proper URL encoding since spaces are not allowed in URLs.

The weird part is that after the request got to the webserver, and the server processed it and passed it to PHP, and PHP loaded Drupal and executed the PHP code, the plus sign failed to be turned back into a space when using the nginx webserver. Works fine in Apache, but not in nginx.

The symptom is that if I tried to perform a search or edit my user profile, or anything else that involved a plus sign in the GET data, when that data was processed by PHP, the plus sign was still there. i.e., I would see "term1+term2" in the search box, instead of "term1 term2".

So, how to fix this? I could have spent some time reading RFCs, and looking through the source from PHP and nginx, or I could have my site working again. I opted for the latter, and found that this line of code at the very beginning of Drupal's index.php seems to do the trick:

$_GET["q"] = strtr($_GET["q"], "+", " ");

It's silly, and may even be a bit stupid, but it sure does the trick.

Comments

[taral.livejournal.com]

And it fails if you have a real + in your URL. :(

[giza.livejournal.com]

Which I don't think Drupal ever does. At least it never has in any of the sites that I've admined.

I would question why any non-machine generated URL would ever have a plus sign in it anyway.

[taral.livejournal.com]

Encoded search strings, usually.

[giza.livejournal.com]

That's actually one of the scenarios which my code *solves*.

If you go to http://www.anthrocon.org/search and search for "i like cheetahs", the URL that it redirects you to is http://www.anthrocon.org/search/node/i+like+cheetahs.

Now in Apache's PHP module, $_GET["q"] is properly set to "i like cheetahs", exactly what the user entered.

In nginx with PHP-CGI, $_GET["q"] is instead "i+like+cheetahs". And while I like cheetahs, I don't like them quite /that/ much, hence my original need to filter out plusses.

[taral.livejournal.com]

Yup. Tag searches, however, will occasionally have "tagA+tagB" as a string...

[giza.livejournal.com]

Wouldn't the plus be encoded in the URL as %2B then?

[taral.livejournal.com]

Yup, and then decoded as +... which you then substitute to a space...

[giza.livejournal.com]

Okay, yeah... that could be a problem.

FWIW, no Drupal installation that I've run yet *has* any sort of tag search, so I'm not likely to see this problem anytime soon. When/if it happens on a site I run, I can always write code to handle that.

Of course, the site would have to be running nginx first. With Apache this is totally a non-issue.

[toumal.livejournal.com]

Lighttpd for the win! :)

[giza.livejournal.com]

That was one of the webservers I checked out awhile back, but I remember seeing something about that turned me off. Can't remember what it was though. :-P

I could always run it parallel to nginx (but on another port) and see what happens.

[toumal.livejournal.com]

I think I know what that was: lighty doesn't support .htaccess files. Software relying on that for security has a problem with that - not that .htaccess is a good security mechanism...

[giza.livejournal.com]

Hmm... I don't think that was it. nginx doesn't support .htaccess either.