>Number: 2222 >Category: general >Synopsis: The SSI handler is processing invalid URLs >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Tue May 12 15:50:01 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.2.6, 1.3b6 >Environment: % uname -a SunOS basswa 5.6 Generic sun4c sparc SUNW,Sun_4_50
GNU gcc 2.7.2.3 SPARC Solaris 2.6 >Description: Invalid requests for a SSI enabled document are succeeding. e.g. requests for the document "http://your.domain.com/test.shtml"; are successful, but requests for http://your.domain.com/test.shtml/test.shtml will also succeed (the server returns the document, but relative links to graphics are broken). Since the file /test.shtml/test.shtml does not exist the server should return a 404 error. I have also tried to request /test.shtml/another_file.html and the server returns the same results as /test.shtml/test.shtml. I have seen this problem with both the .shtml handler and the XBitHack method of enabling SSIs. >How-To-Repeat: http://continuum.real-time.com/index.text.shtml http://continuum.real-time.com/index.text.shtml/index.text.shtml http://www.cs.umbc.edu/agents/agentnews/index.shtml http://www.cs.umbc.edu/agents/agentnews/index.shtml/index.shtml http://www.ellsworth.af.mil/index.shtml http://www.ellsworth.af.mil/index.shtml/index.shtml http://www.whdh.com/index.shtml http://www.whdh.com/index.shtml/index.shtml >Fix: Sorry. I don't know. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
