httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark J Cox <M.J....@bradford.ac.uk>
Subject 2 bugs in 0.8.1
Date Tue, 18 Jul 1995 12:48:12 GMT
I'm at a conference today so no time to fix these myself (from 0.8.1 on 
hyperreal)

1. mod_imap.c   SIGSEGV's if you try to get a map file without arguments
(such as trying to use it from Lynx or typing in the URL of the map file)

2. Authentication logging.  I remember this being talked about by
Brian in the past.  If a request for a document is made using an invalid
username the request still gets logged with the username set to whatever the
user tried.  Shouldn't the auth field only get set for sucessful requests?

x.brad.ac.uk - invalid_user_name [18/Jul/1995:13:37:42 +0100] "GET /rti/login/ HTTP/1.0" 401
808

So with Apache it's possible to try to log in as "lots of spaces" and then:

x.brad.ac.uk - lots of spaces [18/Jul/1995:13:37:42 +0100] "GET /rti/login/ HTTP/1.0" 401
808

Get's logged - somewhat messing up the CLF.

Mark
Mark J Cox,  mark@telescope.org -- URL:http://www.telescope.org/mark.html
University of Bradford, England ---------- tel +44.1274.384070/fax 391333



Mime
View raw message