DO NOT REPLY [Bug 28778] - Malformed HEAD method can bypass (basic) authentication.

bugzilla Wed, 05 May 2004 06:57:47 -0700

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=28778>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.


http://issues.apache.org/bugzilla/show_bug.cgi?id=28778

Malformed HEAD method can bypass (basic) authentication.

[EMAIL PROTECTED] changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From [EMAIL PROTECTED]  2004-05-05 13:58 -------
I think it's fairly obvious:
- hfjdfhdHEAD is not a malformed HEAD request, it is a hfjdfhdHEAD request
- your constraint seems on the method name
- many servlets have a service method which will treat any method as a GET

If you still think there's a problem, please provide a *specific* example (test
WAR + request which will cause the problem).

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 28778] - Malformed HEAD method can bypass (basic) authentication.

Reply via email to