httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Havard" <bri...@kheldar.apana.org.au>
Subject Problem with <Directory proxy:*> and ap_os_canonical_filename()
Date Sun, 24 Jan 1999 04:28:09 GMT
When using a <Directory proxy:*> block to control access to the proxy,
"proxy:*" is passed to ap_os_canonical_filename(). My OS/2 implementation of
that function barfs on that (it's not a valid file name).

So where should this special case be caught?

On a related note I think ap_os_canonical_filename() needs to be able to
return a failure status for when it's given a bogus file name. I can
currently bomb out a server process in OS/2 by sending it

GET /a>b.html HTTP/1.0

This triggers the ap_assert(rc==0) in OS/2's ap_os_canonical_filename() due
to the '>'. I guess the correct behaviour would be to return "400 Bad
Request".

--
 ______________________________________________________________________________
 |  Brian Havard                 |  "He is not the messiah!                   |
 |  brianh@kheldar.apana.org.au  |  He's a very naughty boy!" - Life of Brian |
 ------------------------------------------------------------------------------


Mime
View raw message