>Number: 803 >Category: general >Synopsis: Multiple /// in URLs allowed (e.g. >http://host////somefile.html) >Confidential: no >Severity: serious >Priority: medium >Responsible: apache (Apache HTTP Project) >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Mon Jun 30 10:40:01 1997 >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.2 >Environment: SunOS leacock 5.5.1 Generic_103640-05 sun4u sparc SUNW,Ultra-1 SunWorks C compiler.
Netscape browsers (3+). >Description: Multiple /'s in a URL.. e.g. http://host///file.html Discovered when another server did a redirect to ours. I've checked a number of apache powered sites and the same occurs (i.e. allows it through). Causes wierd log entries, and a few errors for accessing users. Doesn't appear to affect our CGI stuff yet, but we're still checking. >How-To-Repeat: e.g. http://www.apache.org///dist.html >Fix: Looks like the URL parsing isn't being strict after the http:// >Audit-Trail: >Unformatted:
