DO NOT REPLY [Bug 18805] Problem Obtaining Files Named with ASCII Special Characters

Thu, 25 Sep 2008 01:36:07 -0700 

https://issues.apache.org/bugzilla/show_bug.cgi?id=18805


andre w <[EMAIL PROTECTED]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[EMAIL PROTECTED]




--- Comment #2 from andre w <[EMAIL PROTECTED]>  2008-09-25 01:35:40 PST ---
(In reply to comment #1)
> 
> This has btw nothing to do with XHTML, it's RFC 1738/2396.
> 
With respect, that is incorrect.  RFC 2396 states explicitly :

This document
   does not discuss the issues and recommendation for dealing with
   characters outside of the US-ASCII character set [ASCII]; those
   recommendations are discussed in a separate document.

I would like to confirm the issue stated by the original poster, and add an
additional similar problem :
1) on a Windows Apache server, create a file in the document root named, for
example, "joaquín.jpg" (notice the accented í). (You do this with the disk
Explorer or any local means).
2) Now, with any browser anywhere, request http://hostname/joaquín.jpg.
The browser will "do the right thing" as per the spec : any character in that
URL that is not a member of the US-ASCII character set (nor forbidden,
reserved, etc) will be escaped as %xy, before the request is sent to the httpd
server.
3) you will get a 403 Forbidden answer from Apache (2.2.9, Win32).

Surely that is an incorrect response code, since the requested document is not
by any means forbidden nor subject to authorization.
Furthermore, if you request a directory index of the document root (assuming
this is permitted), you will see this file listed, with a name visually
identical to what you entered in the browser's URL box.

Surely also, when requesting the content of a URL from a server on the WWW,
neither the user nor the browser are supposed to know the underlying platform
of the server, not the charset or encoding it uses on its filesystem.
So it *must* belong to the httpd server to make the appropriate conversion from
the URL to the file name.
And if it gets it wrong, it should at least return a 404 Not found, not a 403
Forbidden.



-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to