Commit eca5ac7e authored by Joe Orton

Merge r1209432 from trunk:

Fix for additional cases of URL rewriting with ProxyPassMatch or
RewriteRule, where particular request-URIs could result in undesired
backend network exposure in some configurations. (CVE-2011-4317)

Thanks to Prutha Parikh from Qualys for reporting this issue.

* modules/proxy/mod_proxy.c (proxy_trans): Decline to handle the "*"
  request-URI.  Fail for cases where r->uri does not begin with a "/".

* modules/mappers/mod_rewrite.c (hook_uri2file): Likewise.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1209436 13f79535-47bb-0310-9956-ffa450edef68
parent 909132b9