DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17937>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17937 Does not return HTTP 406 for restricted client Accept headers Summary: Does not return HTTP 406 for restricted client Accept headers Product: Apache httpd-2.0 Version: 2.0.44 Platform: All OS/Version: All Status: NEW Severity: Normal Priority: Other Component: mod_negotiation AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] There is a bug in the mod_negotiation module of Apache httpd where it is incorrectly returning HTTP status 200 and content when receiving a browser client request that contains restricted Accept headers, when the correct web server response should be a HTTP status 406. For example using the HTTP client request header of GET /images/asf_logo_wide.gif HTTP/1.1 User-Agent: Mozilla/4.0 [en] () Accept: text/* Connection: keep-alive Host: www.apache.org (note www.apache.org is a 2.x based server, but this defect does apply to 1.3.27 and other 1.3.x versions) The httpd web server should return a HTTP STATUS 406 because the .gif is associated with image/gif and does not match the HTTP client's Accept criteria. Instead, Apache httpd currently responds with a HTTP STATUS 200 with the gif file's binary content. Associated references: HTTP 1.1, rfc2616 Section 14 http://www.ietf.org/rfc/rfc2616.txt http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html and Apache negotiation algorithm in http://httpd.apache.org/docs/content-negotiation.html --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
