Fix a security problem that affects certain configurations of mod_rewrite.

If the result of a RewriteRule is a filename that contains expansion
specifiers, especially regexp backreferences $0..$9 and %0..%9, then it
may be possible for an attacker to access any file on the web server.
The fix replaces a multi-pass string expander with a one-pass expander.

Message-Id: <E13OQB5-0004Xs-00@hand.dotat.at>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@86296 13f79535-47bb-0310-9956-ffa450edef68