httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@ast.cam.ac.uk (David Robinson)
Subject Re: new B51 patch available
Date Wed, 05 Apr 1995 17:09:00 GMT
RobH wrote:
> > 
> > Robh wrote:
> > >    Patch B51  premature pattern match bug fix.
> > >...
> > Looks ok to me.
> > What about unmunge_name()? Probably not worth fixing.
>
> I haven't looked at unmunge_name(), what's the problem there ?

Suppose I have two aliases:
Alias /icona/ /local/a
Alias /trial/ /local/abstract

Then if I try to read /trial/pic.html, and it does not exist, I will
get an error:
`The requested URL /icona/bstract/pic.html was not found on this server.'

Mind you, this is not much worse than the existing bugs in that routine.

> > >...I'm assuming that the characters
> > >[nothing]  ?  #  :  ,  /    are the only "word" boundary
> > >chars in URLs. If not, then it's easy to add more.
>  
> > No. You should only allow '\0' and '/'.
>  
> > Regarding '?'; I now realise that several parts of httpd contain the bug
> > of not removing the search part from a URL before passing it to translate_name.
>
> In which case, is it best to leave "?" in the search pattern ?
Thinking on, no, it is not safe.

> How about  # : ,    are they harmless ?
Harmless in the sense that they do not carry any semantics, and are just like
any other character in a path.

The point is that a URL _can_ contain these characters, as long as they
are escaped (for # and ?). But by the time translate_name() has been called
(at least for the case of the original URL), the URL path has been unescaped,
and so can legitimately contain 'non-active' # and ?.

 David.

Mime
View raw message