>Number: 2065
>Category: protocol
>Synopsis: using find_token() for If-Match et al is bogus
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Apr 15 10:10:00 PDT 1998
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.2 and 1.3
>Environment:
n/a
>Description:
If a request includes the header:
If-Match: "abc def"
the code will do completely the wrong thing. It treats this as two tokens
rather than one. The bug isn't in find_token(), the bug is in
meets_conditions() which shouldn't be using find_token(). Another function,
maybe called find_quoted_string() should be added and used.
See these new-httpd messages:
Message-ID: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Dean
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
