www-apache-bugdb mailing list archives

From sl...@apache.org
Subject Re: general/6898: Possible DoS caused by local ErrorDocument w/ relative <link> tags (maybe other tags as well).
Date Tue, 28 Nov 2000 18:37:40 GMT
[In order for any reply to be added to the PR database, you need]
[to include <apbugs@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or      ]
["Re: general/1098:").  If the subject doesn't match this       ]
[pattern, your message will be misfiled and ignored.  The       ]
["apbugs" address is not added to the Cc line of messages from  ]
[the database automatically because of the potential for mail   ]
[loops.  If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request from a  ]
[developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]


Synopsis: Possible DoS caused by local ErrorDocument w/ relative <link> tags (maybe
other tags as well).

State-Changed-From-To: open-closed
State-Changed-By: slive
State-Changed-When: Tue Nov 28 10:37:38 PST 2000
State-Changed-Why:

This is not an Apache flaw.  It is a combination of two
problems:

1. You should never use relative references in
ErrorDocuments.  There is no way to know what
base directory the client thinks it is originating from,
so relative references will always be dangerous.

2. Netscape has a bad habit of serving the 
ErrorDocument when it can't locate a CSS page.
It should be just ignoring the CSS page in
this case and serving the original document.
This is a client bug.

In any case, this is not a real denial-of-service
attack.  It is just a client going nuts.  You
can avoid it, as you mentioned, by not
using relative references in ErrorDocuments.

Thanks for using Apache.
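
The advice above, as an added example that is not part of the original message or of Apache: a Python check that lists the references in an error page which a client would resolve against the directory of the failed request. The sample page, its paths and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes that make a browser fetch or navigate to another URL.
URL_ATTRS = {"href", "src", "action", "background"}


def is_relative(url):
    """True when the URL has no scheme, no host and no leading slash, so
    its meaning depends on the directory of the request that failed."""
    url = url.strip()
    if url.startswith("#"):           # same-document fragment, nothing fetched
        return False
    parts = urlsplit(url)
    if parts.scheme or parts.netloc:  # http://..., mailto:..., //host/...
        return False
    return not parts.path.startswith("/")


class RelativeRefFinder(HTMLParser):
    """Collect (line, tag, attribute, url) for each relative reference."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URL_ATTRS and value and is_relative(value):
                self.findings.append((self.getpos()[0], tag, name, value))


def find_relative_refs(html_text):
    finder = RelativeRefFinder()
    finder.feed(html_text)
    return finder.findings


# Constructed sample error page: two relative references, two safe ones.
SAMPLE_404 = """<html><head>
<link rel="stylesheet" href="style.css">
<link rel="stylesheet" href="/errors/style.css">
</head><body>
<img src="images/logo.gif">
<a href="http://www.example.com/">home</a>
</body></html>
"""

if __name__ == "__main__":
    for line, tag, attr, url in find_relative_refs(SAMPLE_404):
        print(f"line {line}: <{tag} {attr}={url!r}> is relative")
```

Each reported reference should be rewritten as a server-absolute path or a full URL before the page is used as an ErrorDocument.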

