Re: Quotes in uploaded filenames are not parsed correctly.
That's actually what my production code does (where I originally found
this error) and I was trying to simplify the testcase down for the bug
report. ;)
If you set up the test exactly as described before, but use the
following Perl code instead, you still see just 'break' in the error
log:
package QuoteParse;
use strict;
use warnings;
use Apache2::RequestRec ();
use Apache2::Request ();
use Apache2::Upload();
use Apache2::Const -compile => qw(OK);
sub handler {
my $r = shift;
my $req = Apache2::Request->new($r);
if( my $upload = $req->upload('foo') ){
warn $upload->filename();
}
$r->content_type('text/html');
print "";
return Apache2::Const::OK;
}
1;
On Mon, Jan 5, 2009 at 7:50 AM, Adam Prime wrote:
> Miles Crawford wrote:
>>
>> I agree it looks bogus, but safari and firefox send the header in that
>> format. Not sure about IE since Windows does not allow files with a "
>> in the name.
>>
>> I looked over the Content-Disposition header RFC but it does not seem
>> to address escaping directly.
>>
>> Either way, it seems that this format is a "browser fact of life"
>
> I suggested this in IRC, but never saw a reply. Perhaps it's because you're
> using $r->param for a input type=file? I'd check to see what
> $upload->filename gives you when you use Apache2::Upload to handle the file
> upload instead.
>
> Adam
>
Re: Quotes in uploaded filenames are not parsed correctly.
Miles Crawford wrote: I agree it looks bogus, but safari and firefox send the header in that format. Not sure about IE since Windows does not allow files with a " in the name. I looked over the Content-Disposition header RFC but it does not seem to address escaping directly. Either way, it seems that this format is a "browser fact of life" I suggested this in IRC, but never saw a reply. Perhaps it's because you're using $r->param for a input type=file? I'd check to see what $upload->filename gives you when you use Apache2::Upload to handle the file upload instead. Adam
Re: Segmentation fault with Perl-Catalyst app
Perrin Harkins wrote: > On Sun, Dec 7, 2008 at 12:51 PM, Terence Monteiro > wrote: >> I'm getting segmentation faults with apache child processes. I'm running a >> Catalyst application using DBIx::SearchBuilder in the backend to accesss a >> mysql database. > > My guess is that you're opening database handles in the parent process > at startup and then trying to use them in child processes later on. > Check your code to make sure it doesn't keep any open database handles > from startup. How do I make sure my code doesn't keep open database handles from startup? Do I need to close the handles after each HTTP request I handle? I'll be glad if someone can post a link or Catalyst code do so. > > - Perrin -- Thanks and Regards, Terence Monteiro. DeepRoot Linux, http://www.deeproot.in Ph: +91 (80) 4089 Getting GNU/Linux to work for you. Faster. Better. Today. Every way
Re: Quotes in uploaded filenames are not parsed correctly.
Miles Crawford wrote: That's actually what my production code does (where I originally found this error) and I was trying to simplify the testcase down for the bug report. ;) Theoretically I guess you should report the bug to apreq-...@httpd.apache.org. It does seem wrong, but to me it mostly seems like it's the browsers that are behaving badly. Adam
Issue with Apache2-AuthenNTLM-0.02 module
Hi, Environment: Apache/2.2.8 (Unix) DAV/2 mod_perl/2.0.4 Perl/v5.8.5 configured I'm trying to use Apache2-AuthenNTLM-0.02 for doing NTLM authentication. It works fine in normal scenarios. But if there are more than 2 requests come at the same time, I see the following error in Apahe error log file and it prompts for username / password. "SMB Server connection not open in state 3" As per the document (http://search.cpan.org/~speeves/Apache2-AuthenNTLM-0.02/AuthenNTLM.pm), i enabled serialization to solve the above issue (set ntlmsemkey value to "23754"). But now Apache is hanging after serving couple of requests. Am i missing something? what is the right value for ntlmsemkey? Any help? Thanks Subbaiah
Re: Settings $r->connection->remote_ip doesn't change $r->connection->remote_addr
On Thu, Dec 18, 2008 at 10:56 AM, Mark Moseley wrote: > I've been banging my head against a wall about a particular issue, but > I'm at something of a loss. >... For the benefit of anyone trying to solve this same problem after switching to mp2, there's a C module called mod_rpaf that does this. If anyone has any info on doing this in a purely perl way, I'm all ears. Having to use a C module means losing a lot of the flexibility of being able to do it in perl -- mainly to support multiple possible "real IP" headers and to do my own access checks -- mod_rpaf will limit to certain source IPs which is good but not nearly as nice as doing it in perl. This was support in mp1 as of mp 1.23, though perhaps the new API makes it quite hard to pull off in perl. According to apache2_structures.map, remote_addr is a read-only at the moment but todo/api_status mentions it as a candidate for making read-write. Anybody have any pointers on how to make (safely) it read-write? The docs for Apache2::compat have a compatible routine for remote_addr but if you try to use it, you get the same 'Can't locate object method "ip_set" via package "APR::SockAddr"' error. The Changes for mp2 mention ip_set being removed in 1.99_12 but don't mention why. For any of you folks on the modperl-dev list, let me know if this would be more appropriate to post there (i.e. not sure if that's a developer-only list).
