2

I want to stop Apache from decoding %2B (+) and %3D (=) from URI. I need those chars not decoded in PATH_INFO.

I've done that for %2F (/) by using:

AllowEncodedSlashes NoDecode

But, I can't find any directive(s) that could help me do the same for other encoded characters. Is this even possible?

Jakov Sosic

1 Answer

1

You can't prevent Apache from decoding those %-encoded characters in the PATH_INFO Apache server variable (which PHP assigns later to the $_SERVER['PATH_INFO'] superglobal, seemingly unaltered).

The AllowEncodedSlashes directive is a special case. This is really a "security feature". By default, an encoded slash (%2F) in the path-part of the URL triggers a system-generated 404 response. The AllowEncodedSlashes directive allows the request to get through to the application (the NoDecode option was only added later).

If you want to read the %-encoded PATH_INFO in PHP then consider using a different $_SERVER variable instead, such as $_SERVER['REQUEST_URI'], which is not %-decoded, but this will require some additional parsing. (Note that the PHP superglobal $_SERVER['REQUEST_URI'] is different from the Apache server variable of the same name, which is %-decoded and could refer to a different URL entirely if the URL is being rewritten!)

However, if you want to read the %-encoded PATH_INFO with Apache (using mod_rewrite) then consider parsing the THE_REQUEST server variable instead, which contains the entire request header, as sent from the client. This variable is not %-decoded. This could be assigned to an environment variable or even a URL parameter and read by PHP that way. (Note that the QUERY_STRING server variable, and corresponding $_SERVER['QUERY_STRING'] superglobal, are not %-decoded, but PHP decodes the individual parameter values in the $_GET array.)

MrWhite
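The additional parsing of $_SERVER['REQUEST_URI'] mentioned in the answer could look like the following. This is an added example, not code from the answer: the function names raw_path_info and path_segments and the sample request are made up for illustration, and it assumes the script name appears un-encoded at the start of the URL path.

```php
<?php
declare(strict_types=1);

// Path info exactly as the client sent it (still %-encoded), or null when
// REQUEST_URI does not begin with the script's URL path (e.g. rewritten URL).
function raw_path_info(array $server): ?string
{
    $uri    = $server['REQUEST_URI'] ?? '';
    $script = $server['SCRIPT_NAME'] ?? '';

    // Drop the query string; only the path part carries the path info.
    $path = strstr($uri, '?', true);
    if ($path === false) {
        $path = $uri;
    }
    // Assumption: SCRIPT_NAME appears literally (not %-encoded) as the prefix.
    if ($script === '' || strncmp($path, $script, strlen($script)) !== 0) {
        return null;
    }
    $rest = (string) substr($path, strlen($script));
    // The remainder must be empty or start at a segment boundary.
    return ($rest === '' || $rest[0] === '/') ? $rest : null;
}

// Split on literal "/" first, then decode each segment, so an encoded %2F
// stays inside its segment. rawurldecode() leaves a literal "+" untouched.
function path_segments(string $rawPathInfo): array
{
    $segments = [];
    foreach (explode('/', ltrim($rawPathInfo, '/')) as $segment) {
        if ($segment !== '') {
            $segments[] = rawurldecode($segment);
        }
    }
    return $segments;
}

// Constructed sample values standing in for $_SERVER.
$sample = [
    'REQUEST_URI' => '/app.php/a%2Bb%3Dc/x%2Fy?q=1',
    'SCRIPT_NAME' => '/app.php',
];
$raw = raw_path_info($sample);
var_dump($raw, path_segments((string) $raw));
```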