>Number: 2163 >Category: protocol >Synopsis: A space in an HTTP/1.0 file request >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Thu Apr 30 22:10:00 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.2.4 >Environment: `uname -a`="Linux www.student.fsu.umd.edu 2.0.33 #1 Mon Feb 23 15:35:47 EST 1998 i586" gcc version 2.7.2.1 Server version Apache/1.2.4 (www.student.fsu.umd.edu) I also tried Apache 1.2.5 and got the same results. (res1.allconet.org) Also www.apache.org is affected Server: Apache/1.3b7-de
Client side: Netscape 4.04 (On a seperate Linux system) most likely other browsers too. >Description: I typed "http://www.student.fsu.umd.edu/~ruded/ compiler/" in the URL box of Netscape. If I leave off the HTTP:// Netscape does an Excite web search. The compiler directory does not exist but you get the same results even when the DIR does exist. The browser makes the request and gets the index page. The following is placed in the access_log: "198.76.234.188 - - [30/Apr/1998:22:48:53 -0400] "GET /~ruded/ compiler/ HTTP/1.0" 200 7105" The browser then tries to load the background image and the following goes into the log: "198.76.234.188 - - [30/Apr/1998:22:48:54 -0400] "GET /~ruded/ compiler/binary.jpg HTTP/1.0" 200 7105" BUT Netscape does not display this graphic because Apache has returned the index document. What seems to be happening is only relative URLs in the browser are affected. It doesn't appear to be realted to the home directory "~" translations because the root of www.apache.org is also affected. >How-To-Repeat: "http://www.student.fsu.umd.edu/~ruded/ compiler/" "http://res1.allconet.org/~donr/ test/" "http://www.apache.org/ test/" >Fix: It would seem Apache is giving a consistent response... but shouldn't it reply with a 404 error? couldn't find "~ruded/ compiler/binary.jpg" does not exist? Maybe you are restricted by the HTTP 1.0 or 1.1 standard. I'm not sure. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
