DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=35256>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=35256 [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- OS/Version|Windows 2000 |All ------- Additional Comments From [EMAIL PROTECTED] 2007-09-12 03:53 ------- Reproducible on Trunk. (2.3-HEAD) ProxyPass does not have any effect on this issue. It can be reproduced on default apache install, and having "AllowEncodedSlashes On" 1) Using '\' -> %5c |(echo "GET /cgi-bin/printenv/my%5cparam HTTP/1.0\n\n" ;sleep 1) | telnet agneyam 8080 Trying 129.158.224.203... Connected to agneyam.india.sun.com. Escape character is '^]'. HTTP/1.1 200 OK Date: Wed, 12 Sep 2007 10:42:09 GMT Server: Apache/2.3.0-dev (Unix) Connection: close Content-Type: text/plain; charset=iso-8859-1 DOCUMENT_ROOT="/space/store/httpd/htdocs" GATEWAY_INTERFACE="CGI/1.1" PATH="/bin:/usr/bin" PATH_INFO="/my\param" PATH_TRANSLATED="/space/store/httpd/htdocs/my\param" QUERY_STRING="" REMOTE_ADDR="129.158.224.78" REMOTE_PORT="50617" REQUEST_METHOD="GET" REQUEST_URI="/cgi-bin/printenv/my%5cparam" SCRIPT_FILENAME="/space/store/httpd/cgi-bin/printenv" SCRIPT_NAME="/cgi-bin/printenv" SERVER_ADDR="129.158.224.203" SERVER_ADMIN="[EMAIL PROTECTED]" SERVER_NAME="agneyam" SERVER_PORT="80" SERVER_PROTOCOL="HTTP/1.0" SERVER_SIGNATURE="" SERVER_SOFTWARE="Apache/2.3.0-dev (Unix)" TZ="Asia/Calcutta" 2) Using '/' -> %2f |(echo "GET /cgi-bin/printenv/my%2fparam HTTP/1.0\n\n" ;sleep 1) | telnet agneyam 8080 Trying 129.158.224.203... Connected to agneyam.india.sun.com. Escape character is '^]'. HTTP/1.1 200 OK Date: Wed, 12 Sep 2007 10:43:38 GMT Server: Apache/2.3.0-dev (Unix) Connection: close Content-Type: text/plain; charset=iso-8859-1 DOCUMENT_ROOT="/space/store/httpd/htdocs" GATEWAY_INTERFACE="CGI/1.1" PATH="/bin:/usr/bin" PATH_INFO="/my/param" PATH_TRANSLATED="/space/store/httpd/htdocs/my/param" QUERY_STRING="" REMOTE_ADDR="129.158.224.78" REMOTE_PORT="59458" REQUEST_METHOD="GET" REQUEST_URI="/cgi-bin/printenv/my%2fparam" SCRIPT_FILENAME="/space/store/httpd/cgi-bin/printenv" SCRIPT_NAME="/cgi-bin/printenv" SERVER_ADDR="129.158.224.203" SERVER_ADMIN="[EMAIL PROTECTED]" SERVER_NAME="agneyam" SERVER_PORT="80" SERVER_PROTOCOL="HTTP/1.0" SERVER_SIGNATURE="" SERVER_SOFTWARE="Apache/2.3.0-dev (Unix)" TZ="Asia/Calcutta" -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
