httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Guille (Bisho)" <bi...@eurielec.etsit.upm.es>
Subject Extra line in returned headers apache 2.0beta-dev
Date Sat, 27 Jan 2001 13:08:01 GMT

If you make a GET of an invalid URL (/dir/../../) with HTTP/1.1 you get
an invalid response from de apache server 2.0 beta.

It adds:
[Sat Jan 27 05:01:38 2001] [error] [client 138.100.17.11] client sent
HTTP/1.1 

As te first line of the headers, and the browsers show everithing
followind this line as content of the page.

-------------------------
$ telnet httpd.apache.org 80
Trying 64.208.42.41...
Connected to httpd.apache.org.
Escape character is '^]'.
GET /docs-2.0/../../ HTTP/1.1
Server: httpd.apache.org
Connection: close

[Sat Jan 27 05:01:38 2001] [error] [client 138.100.17.11] client sent
HTTP/1.1 request without hostname (see RFC2616 section 14.23):
/docs-2.0/../../
HTTP/1.1 400 Bad Request
Date: Sat, 27 Jan 2001 13:01:18 GMT
Server: Apache/2.0b1-dev (Unix)
Content-Length: 384
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>400 Bad Request</TITLE>
</HEAD><BODY>
<H1>Bad Request</H1>
Your browser sent a request that this server could not understand.<P>
client sent HTTP/1.1 request without hostname (see RFC2616 section
14.23): /docs-2.0/../../<P>
<HR>
<ADDRESS>Apache/2.0b1-dev Server at dev.apache.org Port 80</ADDRESS>
</BODY></HTML>
Connection closed by foreign host.
-------------------------

Width HTTP/1.0 it doesn't happen:
-------------------------
$ telnet httpd.apache.org 80
Trying 64.208.42.41...
Connected to httpd.apache.org.
Escape character is '^]'.
GET /docs-2.0/../../ HTTP/1.0

HTTP/1.1 400 Bad Request
Date: Sat, 27 Jan 2001 13:05:43 GMT
Server: Apache/2.0b1-dev (Unix)
Content-Length: 345
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
[...]
-------------------------

-- 
     \|||||||/    Guillermo Pérez Pérez
     < o   o >      - bisho@onirica.com
      \  L  /       - bisho@eurielec.etsit.upm.es
 -oOOo-------oOOo-
 Onírica: Análisis, diseño e implantación de soluciones informáticas
          http://www.onirica.com

Mime
View raw message