capture in if - escaping depends on location bug

[tchnts.wordpress.com]

I am capturing some data in if, and then redirecting on what was captured. The problem is, that captured data is escaped if url contains "%" char, and may be others, and do not escaped if it does not. I have simple config:

Having simple config

location / {
    set $out "http://example.com/?a=b&c=d%";
    if ($out ~ "(.*)") {
        set $z $1;
        rewrite ^ $z redirect;
    }
}

Making 2 requests:

telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
GET / HTTP/1.0
Host: my.ru

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.0.14
Date: Thu, 22 Mar 2012 02:20:14 GMT
Content-Type: text/html
Content-Length: 161
Connection: close
Location: http://example.com/?a=b&c=d%

<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.0.14</center>
</body>
</html>
Connection closed by foreign host.

telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
GET /% HTTP/1.0
Host: my.ru

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.0.14
Date: Thu, 22 Mar 2012 02:21:00 GMT
Content-Type: text/html
Content-Length: 161
Connection: close
Location: http://example.com/?a=b%26c=d%25

<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.0.14</center>
</body>
</html>
Connection closed by foreign host.

Expected the same location as in first request, but got another.
Tested on nginx-1.0.14 , nginx-1.0.6 .

[tchnts.wordpress.com]

location / {
set $out "http://example.com/?a=b&c=d%";
if ( $out ~ "(.*)" ){
set $z $1;
rewrite ^ $z redirect;
}

[Maxim Dounin]

See also #589.

[Maxim Dounin]

It looks like we already have a ticket for this - #348. Closing this as a duplicate.