httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: Canonicalizer fun
Date Tue, 11 Jun 1996 11:14:45 GMT
Chuck Murcko wrote:
> 
> Hello again, Joerg. I have found the source of this problem.
> 
> Are you trying to send a literal '%' in the section
> 
> PROD_NAME=%
> 
> ???
> 
> From RFC 1738:
> 
>  The character "%" is unsafe because it is used for
>    encodings of other characters.
> 
> To the group:
> 
> What about the '/' character (and others) within form data sets?
> 
> For instance, the URL
> 
> http://www.telegraph.co.uk/et/access?ac=117527821782&pg=//96/6/11/wleb11.html
> 
> breaks when sent through the proxy because the '/' in the form data set
> are encoded as %2F.
> 
> Should this (and others not considered 'unsafe') be sent unencoded by
> the proxy?

According to HTTP/1.1 proxies MUST send the URL unmodified. Although I
initially resisted this on the basis that the cache may need to canonicalize I
now think I agree. Besides, _our_ cache doesn't need to canonicalize. On the
other hand this may mean we store redundant copies of things. I guess that's
just life.

Cheers,

Ben.

> 
> Sigh. Onward, into the canonicalizer.
> 
> Joerg Morbitzer liltingly intones:
> > 
> > > 
> > > Thanks for pointing this one out. This bug appears to be happening on all
> > > OS, not just Solaris, according to my testing. I should be able to get
> > > a fix into Apache by next beta release.
> > 
> > Thank you for your answer, but the new release 1.1b3
> > doesn't work, too ! For example:
> > 
> > http://www.transtec.de/doit/nph-t6?sc=WWW_pdz&db=pdzdb&VAR&FRM=WWW_manufact&LANG=D&HLP=N&PROD_NAME=%&KATA=K&la=D&GRP=DIS-SCS-2GB
> > 
> > returns :
> > 
> > Bad Request
> > Your Browser sent a query that this server could not
> > understand
> > 
> > I hope, you can help me, Joerg.
> > 
> chuck
> Chuck Murcko	N2K Inc.	Wayne PA	chuck@telebase.com
> And now, on a lighter note:
> While anyone can admit to themselves they were wrong, the true test is
> admission to someone else.

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant and    Fax:   +44 (181) 994 6472
Technical Director          Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.

Mime
View raw message