Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Received-SPF: pass (asf.osuosl.org: local policy)
Message-ID: <4497B860.3060201@pidster.com>
Date: Tue, 20 Jun 2006 09:57:04 +0100
From: Pid <p@pidster.com>
Reply-To: p@pidster.com
User-Agent: Thunderbird 1.5.0.4 (Windows/20060516)
MIME-Version: 1.0
To: users@httpd.apache.org
References: 
 <FDD5D99066749040AF9098A720E989770377FD71@CIWMEXZSA0E.ex.ordersx.org>
In-Reply-To: 
 <FDD5D99066749040AF9098A720E989770377FD71@CIWMEXZSA0E.ex.ordersx.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Subject: Re: [users@httpd]  RE: /my.html#mySection


Boyle Owen wrote:
>> -----Original Message-----
>> From: news [mailto:news@sea.gmane.org] On Behalf Of Mike -=20
>> EMAIL IGNORED
>> Sent: Monday, June 19, 2006 6:21 PM
>> To: users@httpd.apache.org
>> Subject: [users@httpd] RE: /my.html#mySection
>> Linux mbrc20 2.6.14-1.1656_FC4 #1 Thu Jan 5 22:13:22
>>    EST 2006 i686 i686 i386 GNU/Linux
>>
>> Here is a (slightly edited with XXX YYY ZZZ) log line
>> from httpd-2.0.54-10.3 :
>>
>>    64.233.173.67 - - [18/Jun/2006:14:03:11 -0400]
>>       "GET /XXX/XXX/YYY.html#ZZZ
>>       HTTP/1.1" 403 - "http://www.XXX.net/religion/XXX/XXX/YYY.html"
>>       "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1
>>       .NET CLR 1.1.4322)"
>=20
> Aha! now I get it - you're worried that the "#ZZZ" is some kind of hack=
?
>=20
> Er... no. It is simply a request to a particular "anchor" inside the pa=
ge /XXX/XXX/YYY.html. This is typically what you do when you are linking =
to a subsection in a large page. For example, http://httpd.apache.org/doc=
s/2.2/mod/core.html#directory takes you straight to the "directory" secti=
on in the "core.html" page.=20

The # bit is called the 'fragment'.
Just remove the fragment from the URL, before you process the remainder.
 If you're not performing a redirect and are returning HTML then the
client can select the anchor as needed.

> In any case, the link is on your page /religion/XXX/XXX/YYY.html (i.e. =
since there's a referer on the log line, the client must have clicked on =
a link in that page - he didn't type in the URL).

It's worth noting that you can't always rely on the client correctly
sending the referer, in order to determine if they've clicked a link.
Some Norton programs are notorious for mangling the request by removing
referer headers amongst other things.

> As for the 403 response - that implies that the resource /XXX/XXX/YYY.h=
tml is under a "Deny" directive or the file is not readable by apache.
>=20
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored.=20
>=20
>=20
>> As you can see, good practice notwithstanding, there is a #YYY
>> in the GET.  I have confirmed this by examining the incoming
>> packet captured with tethereal (ethereal-0.10.13-1.FC4.2) .
>>
>> Now the #ZZZ is legitimate in the sense that my YYY.html does
>> contain that hypertext. However, in my experience, browsers do
>> not normally send the #ZZZ, as explained above. =20
>>
>> My question is "how should I respond to it?"  Here are choices:
>>
>>    1. Send 403 (Forbidden), which is what I do now.
>>    2. Strip the #ZZZ in my CGI and YYY.html normally.
>>    3. Something else I didn't think of.
>>
>> Additionally, I wonder why the #ZZZ appeared in the first place.
>>
>> Thanks for your interest in this.
>> Mike.
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP=20
>> Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
> Diese E-mail ist eine private und pers=F6nliche Kommunikation. Sie hat =
keinen Bezug zur B=F6rsen- bzw. Gesch=E4ftst=E4tigkeit der SWX Gruppe. Th=
is e-mail is of a private and personal nature. It is not related to the e=
xchange or business activities of the SWX Group. Le pr=E9sent e-mail est =
un message priv=E9 et personnel, sans rapport avec l'activit=E9 boursi=E8=
re du Groupe SWX.
> =20
> =20
> This message is for the named person's use only. It may contain confide=
ntial, proprietary or legally privileged information. No confidentiality =
or privilege is waived or lost by any mistransmission. If you receive thi=
s message in error, please notify the sender urgently and then immediatel=
y delete the message and any copies of it from your system. Please also i=
mmediately destroy any hardcopies of the message. You must not, directly =
or indirectly, use, disclose, distribute, print, or copy any part of this=
 message if you are not the intended recipient. The sender's company rese=
rves the right to monitor all e-mail communications through their network=
s. Any views expressed in this message are those of the individual sender=
, except where the message states otherwise and the sender is authorised =
to state them to be the views of the sender's company.
>=20
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Proje=
ct.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>=20
>=20
>=20


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org