>Number: 1789 >Category: protocol >Synopsis: Invalid method on POST >Confidential: no >Severity: critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Feb 11 09:10:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.2.5 >Environment: Solaris 2.5.1 Browser: MSIE 4.71, Netscape is okay >Description: The server intermittently logs "Invalid method on request" during POST operations from a MSIE 4.71 browser. A "snoop" shows the data from the browser as appearing okay.
Apparently, r->method falls out to M_INVALID in read_request in http_protocol.c, because strcmp to all methods fail. Consequently, the routine default_handler in http_core.c fails. I modified the line in default_handler to dump the r->method: log_printf(r->server, "Invalid method (%s)in request %s",r->method, r->the_request); It produced the following in the error_log file: [Wed Feb 11 10:37:16 1998] Invalid method (exempt=adm&n_1=on&button=Hold+OrderGET)in reque st exempt=adm&n_1=on&button=Hold+OrderGET /icons/bg/bg.gif HTTP/1.1 Here is the output of the access_log file: 146.13.148.37 - - [11/Feb/1998:10:37:15 -0500] "POST /cgi-bin/procorder.sh/rfr HTTP/1.1" 4 01 362 146.13.148.37 - amv1300 [11/Feb/1998:10:37:16 -0500] "POST /cgi-bin/procorder.sh/rfr HTTP/ 1.1" 200 2216 146.13.148.37 - - [11/Feb/1998:10:37:16 -0500] "exempt=adm&n_1=on&button=Hold+OrderGET /ic ons/bg/bg.gif HTTP/1.1" 501 213 >From what I see, it appears that a image request is being merged with the >previous request, but I'm not sure. It also seems that MSIE is not presenting its authorization (the user has already been authorized for this directory under previous page hits) and the server is not handling the request properly. Does anybody have a clue as to what's going on? >How-To-Repeat: URL is unavailable: Intranet application. Create a POST form with Basic authentication required. >Fix: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
