>Number: 1670 >Category: mod_log-any >Synopsis: Double quotes in HTTP request line bungle common log >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Jan 14 06:40:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.2.5 >Environment: SunOS 5.5.1, SUN SparcServer 20 >Description: (This is related to PR 1598.) In the Common Log Format, the HTTP request line is the fifth field and enclosed in double quotes. Here is the request line of a recent log entry from our server:
"GET /"d49her/calvin/jumpstation.html HTTP/1.0" (Note how the user has entered a double quote instead of a squiggle.) In order to make it possible to parse a line in the log (with reasonable convenience), double quotes appearing in the request line ought to be protected so they do not appear to finish the request line field. >How-To-Repeat: Submit a request containing a double quote in the local part. >Fix: When writing the request line to the log (between double quotes), replace " with \", \ with \\ and newline with \n (the usual C style conventions). Typical request lines do not include any of ", \ or newline and will not be affected by this, but bogus requests will no longer mess up the log >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
