Date: Mon, 12 Apr 2010 15:48:26 -0400 (EDT)
From: bugzilla@apache.org
To: dev@tomcat.apache.org
Subject: DO NOT REPLY [Bug 49099] New: Using % after context prefix results in 400 but nothing is logged in access log

https://issues.apache.org/bugzilla/show_bug.cgi?id=49099

Summary: Using % after context prefix results in 400 but nothing is logged in access log
Product: Tomcat 6
Version: 6.0.26
Platform: PC
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: Catalina
AssignedTo: dev@tomcat.apache.org
ReportedBy: igor@fedulov.com

Simple test:

1. Download latest tomcat 6.0.26
2. Untar it and start it up
3. Head over to http://localhost:8080/ to verify that it's working
4. Now change the URL to something like http://localhost:8080/%foo and you get error 400 as expected but nothing is logged in access log:

http://localhost:8080/%foo

GET /%foo HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100401 Ubuntu/9.10 (karmic) Firefox/3.5.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive

HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Mon, 12 Apr 2010 19:44:57 GMT
Connection: close

5. Now change the URL to legitimate, i.e.: http://localhost:8080/%29 and you get 404 as expected and it's also logged in access log as expected.

http://localhost:8080/%29

GET /%29 HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100401 Ubuntu/9.10 (karmic) Firefox/3.5.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Content-Length: 964
Date: Mon, 12 Apr 2010 19:43:45 GMT

So for admin of the server there is no way to see if there is a DDoS attack going on on the box because there is nothing written to the log files, nothing at all.
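
An added example, not part of the original bug report or of Tomcat: a small Python check that compares the requests a tester sent (steps 4 and 5 above) with access-log lines and reports any request that never reached the log, along with whether its target contains a malformed percent-escape. It assumes the "common" access-log pattern (%h %l %u %t "%r" %s %b); the sample log line and all function names are constructed for illustration.

```python
import re

# Request line and status as they appear in the "common" access-log pattern:
# %h %l %u %t "%r" %s %b
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# A '%' that is not followed by exactly two hex digits is a malformed escape.
BAD_ESCAPE_RE = re.compile(r'%(?![0-9A-Fa-f]{2})')


def has_malformed_escape(target):
    """True if the request target contains a '%' not followed by two hex digits."""
    return BAD_ESCAPE_RE.search(target) is not None


def logged_requests(log_lines):
    """Return {(method, target): status} for every parsable access-log line."""
    seen = {}
    for line in log_lines:
        m = LOG_RE.search(line)
        if m:
            seen[(m["method"], m["target"])] = int(m["status"])
    return seen


def audit(sent, log_lines):
    """For each (method, target, client_status) sent, report whether it was logged."""
    seen = logged_requests(log_lines)
    report = []
    for method, target, status in sent:
        report.append({
            "target": target,
            "status": status,
            "malformed_escape": has_malformed_escape(target),
            "logged": (method, target) in seen,
        })
    return report


# Constructed sample data mirroring the two requests in the report:
# the 400 for /%foo has no log line, the 404 for /%29 does.
SENT = [("GET", "/%foo", 400), ("GET", "/%29", 404)]
ACCESS_LOG = [
    '127.0.0.1 - - [12/Apr/2010:15:43:45 -0400] "GET /%29 HTTP/1.1" 404 964',
]

if __name__ == "__main__":
    for row in audit(SENT, ACCESS_LOG):
        print(row)
```

Any row with "logged" set to False marks a response the client received that the access log gives no trace of, which is the visibility gap the report describes.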