Hi!

On Wednesday 24 April 2013 16:46:48, Ferran Jorba wrote:
> >> On Wednesday 20 March 2013 08:19:27, Johnny Mariéthoz wrote:
> >>> every day I have some exceptions due to attacks such as: IOError:
> >>> request data read error (webinterface_handler_wsgi.py:377:readline)
> >>> an example of request is:
> >>> /record/17041/files/wp-content/plugins/mm-forms-community/includes/doajaxfileupload.php
> >>> 
> >>> Is it possible to return a 404 status for such a request?
> >> 
> >> Which version of Invenio are you running? Depending on it this is
> >> indeed the default configuration. I will check the commit log, and
> >> point you to the missing patches...
> 
> Is there any progress on this issue?  Under 1.1 the missing pages
> produce much more noise than the old mod_python.

Sorry to come back to this issue only now. Indeed a fix for this has been
provided for maint-1.0 in:

commit 22f4e36755d7103e420da10968f60430ed797c26
Author: Samuele Kaplun <samuele.kap...@cern.ch>
Date:   Fri Dec 7 15:06:46 2012 +0100

    bibdocfile: better error report for unknown format
    
    * When an unknown format for a bibdocfile is requested an exception
      was registered (and an email was sent to the admins), even when
      no referer was specified in the HTTP headers, thus cluttering
      error reports in case of malicious users playing with the system.
      This commit improves the check for unknown formats earlier avoiding
      the exception to be registered, when no referer is set.

and subsequently merged into maint-1.1 in:

commit 6d6e985c9abcf02bd85f9eb442e116547eb1f531
Merge: 35fae49 22f4e36
Author: Tibor Simko <tibor.si...@cern.ch>
Date:   Thu Dec 20 10:53:36 2012 +0100

    Merge branch 'maint-1.0' into maint-1.1
    
    * maint-1.0:
      bibdocfile: better error report for unknown format

I think you should be able to safely update to the latest maint-1.1 in order to
benefit from this fix.

Cheers!
        Sam

-- 
Samuele Kaplun
Invenio Developer ** <http://invenio-software.org/>
INSPIRE Service Manager ** <http://inspirehep.net/>
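
The policy the commit message above describes, as an added sketch that is not part of the original message and is not Invenio's code: an unknown file format always gets a 404, and an admin alert is raised only when a Referer header is present. The function name, the format set and the sample requests are assumptions constructed for illustration.

```python
import logging
import posixpath
from urllib.parse import urlsplit

log = logging.getLogger("file_requests")

# Constructed sample: formats actually attached to the record (assumption).
KNOWN_FORMATS = frozenset({".pdf", ".txt"})


def triage_file_request(path, headers, known_formats=KNOWN_FORMATS):
    """Return (http_status, alert_admins) for a /record/<id>/files/... request.

    Hypothetical helper: the format check runs first, so an unknown
    format never reaches code that would raise and e-mail the admins.
    """
    name = posixpath.basename(urlsplit(path).path)
    ext = posixpath.splitext(name)[1].lower()

    if ext in known_formats:
        return 200, False

    referer = headers.get("Referer", "").strip()
    if referer:
        # Some page links to a file that does not exist: possibly a broken
        # link worth fixing. Referer is client-supplied, so alerts built on
        # it should still be rate-limited or deduplicated.
        log.warning("unknown format %r requested, linked from %r", ext, referer)
        return 404, True

    # No referer: typical of automated probing. Answer 404 and keep it in
    # the ordinary access log only, with no exception and no admin e-mail.
    log.info("unknown format %r requested without referer", ext)
    return 404, False


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    # Constructed requests; the first path is the one quoted in the thread.
    samples = [
        ("/record/17041/files/wp-content/plugins/mm-forms-community/"
         "includes/doajaxfileupload.php", {}),
        ("/record/17041/files/thesis.doc",
         {"Referer": "https://repo.example.org/record/17041"}),
        ("/record/17041/files/thesis.pdf", {}),
    ]
    for path, headers in samples:
        print(triage_file_request(path, headers), path)
```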
