httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Derrick Beery <derrick.be...@itd.state.ia.us>
Subject RE: URL containing non-existant path is served by Apache 1.3.26 o n AI X 4.3.3
Date Mon, 24 Jun 2002 21:08:47 GMT
Commenting the following:

AddType text/html .htm
AddHandler server-parsed .htm

And restarting Apache seems to have enforced the expected behavior, which is
to not allow non-existent path an arbitrary number of times.

Incidentally, I was incorrect in my original post when I stated that the
site involved was not a VirtualHost. It is. 

Derrick



-----Original Message-----
From: Jean-Christian Imbeault
To: users@httpd.apache.org
Sent: 6/20/02 10:44 PM
Subject: Re: URL containing non-existant path is served by Apache 1.3.26 on
AI	X 4.3.3

I'm not 100% sure about this but I remember reading that Apache has some

buil-in feature (backread or backtracking or something like that) that 
kicks in when a nonexistent file is requested.

What happens is that Apache starts by chopping off the end of the 
request before the final / and then looks in that directory. If it find 
nothing it keep chopping off the part before the final / and so on until

it hits the tops directory.

In your case is just happens that you bad URL contains the name of a 
good file that will eventually be found by backtracking up the bad URL's

path.

So in your case

http://www.state.ia.us/government/dgs/Purchase/exhibita/exhibita.htm

Is a bad request so Apache tries this request instead

http://www.state.ia.us/government/dgs/Purchase/exhibita.htm

Which works ...

If you tried

http://www.state.ia.us/government/dgs/Purchase/exhibita/exhibitC.htm

It wouldn't work because the is no exhibitC.htm file anywhere in the 
part of that URL.

Jc

Derrick Beery wrote:

>Hello,
>
>On our server, running v 1.3.26 of Apache on AIX 4.3.3, there is a
directory
>within the document root of a site, that is not a VirtualHost, called
>/web/government/dgs/Purchase.
>
>Within this directory, are 2 .htm documents: exhibita.htm and
exhibitb.htm.
>Neither an exhibita nor an exhibitb subdirectory exists with the
directory.
>If one types the following URL, however, Apache serves it:
>
>http://www.state.ia.us/government/dgs/Purchase/exhibita/exhibita.htm
>
>As well as this one:
>
>http://www.state.ia.us/government/dgs/Purchase/exhibita/exhibita/exhibi
ta.ht
>m
>
>We have found that these URLS can contain an arbitrary number of these
>subdirectories. 
>
>The same behavior is true for exhibitb URL
>
>http://www.state.ia.us/government/dgs/Purchase/exhibitb/exhibitb.htm
>
>http://www.state.ia.us/government/dgs/Purchase/exhibitb/exhibitb/exhibi
tb.ht
>m
>
>And so on...
>
>These are the only URLs we have identified thus far for which this is
>happening.
>
>
>Below is a piece of code that comes from the exhibita.htm file.
> 
>@page Section1
>	{size:8.5in 11.0in;
>	margin:1.0in 67.5pt 1.0in .5in;
>	mso-header-margin:.3in;
>	mso-footer-margin:.2in;
>	mso-header:url("./ExhibitA/header.htm") h1;
>	mso-footer:url("./ExhibitA/header.htm") f1;
>	mso-paper-source:0;}
>div.Section1
>
>
>
>And from the exhibitb.htm file.
>
>@page Section1
>	{size:8.5in 11.0in;
>	margin:.7in 1.0in .7in 1.0in;
>	mso-header-margin:.5in;
>	mso-footer-margin:.5in;
>	mso-header:url("./ExhibitB/header.htm") h1;
>	mso-footer:url("./ExhibitB/header.htm") f1;
>	mso-paper-source:0;}
>
>
>I would be very if someone could help shed some light on this issue; Or
even
>better, tell us the cause.
>
>Derrick Beery, RHCE
>IBM AIX Certified Specialist
>Unix Systems Engineer
>HACMP specialist
>Oracle DBA
>ITD State of Iowa
>derrick.beery@itd.state.ia.us
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message