httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thomas Jarosch" <>
Subject Help needed: Bug #8480 still present in 1.3.23
Date Sun, 10 Feb 2002 09:54:38 GMT

the bug I've found on Oct 06 2001 is still present
in Apache 1.3.23. I've spent several hours debugging
the code myself, but ended up nowhere :-(
Below you can find the summary of my bug report.

To me it seems like a problem in the request body parser of Apache, 
but I'm not an Apache guru, so I could be wrong...

Buying a CD at CDNOW from a wishlist is the least I can
do for the developer helping me fixing this nasty bug.

Thanks in advance,

Bug #8480:

Trailing CRLF on POSTs not handled correctly

I can reproduce a problem handling the trailing CRLF on POSTs with a tcpdump
of a form submitted with Netscape 4.6 under Windows NT 4.0.
If you send this request to Apache (I used netcat to reproduce the bug),
Apache will return nothing to the sender. 
Netscape will present a "document contains no data" page to the user.

If I change the Content-Length to +2 Bytes for the extra CRLF
or I remove the trailing CRLF, everything works perfect.

Create a page where you can POST data (like an empty PHP file), 
adjust the URL in the "POST XXX HTTP/1.0" line
and do a netcat -v webserver 80 <netscape_postbug.txt

Here is my netscape_postbug.txt.
(Filesize is 417 bytes, don't forget to save the extra CRLF):
POST /test.php HTTP/1.0
Referer: http://intradev.local/arnie?form=hauptseite
Connection: Keep-Alive
User-Agent: Mozilla/4.6 [en-gb] (WinNT; I)
Host: intradev.local
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Accept-Encoding: gzip
Accept-Language: en-GB,en,en-*
Accept-Charset: iso-8859-1,*,utf-8
Content-type: application/x-www-form-urlencoded
Content-length: 9


View raw message