-----Original Message----- From: Marcus Kellermann Sent: Thursday, February 06, 2003 9:38 AM To: Robert Priest Subject: RE: cvs commit: jakarta-tomcat-connectors/jk/native2/server/isapi jk_isapi_plugin.c
The problem is exactly like Ignacio says the ISAPI filter is intercepting even valid URLS that IIS can handle. The IIS server is doing more than just redirecting to TOMCAT. Unless the URL starts with a match in redirector.properties it should ignore the request and let IIS handle it -----Original Message----- From: Robert Priest Sent: Thursday, February 06, 2003 9:34 AM To: Marcus Kellermann Subject: FW: cvs commit: jakarta-tomcat-connectors/jk/native2/server/isapi jk_isapi_plugin.c -----Original Message----- From: Larry Isaacs [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 06, 2003 8:02 AM To: Tomcat Developers List Subject: RE: cvs commit: jakarta-tomcat-connectors/jk/native2/server/isapi jk_isapi_plugin.c > -----Original Message----- > From: Ignacio J. Ortega [mailto:[EMAIL PROTECTED]] > Sent: Thursday, February 06, 2003 4:51 AM > To: 'Tomcat Developers List' > Subject: RE: cvs commit: > jakarta-tomcat-connectors/jk/native2/server/isapi jk_isapi_plugin.c > > > Larry, > > > > > Thanks. The restored mod_jk behavior is the same as > > Tomcat 3.3.x with <DecodeInterceptor ... safe="true"/>, > > the default. Unsafe escapes give 403's. We can > > add a similar option to mod_jk to turn off the checking. > > Though, I can't image a situation where it would make > > sense to accept the risks to gain access to these escapes. > > The problem is that i_r2.dll is spitting 403 on any URL that contains > %2F, remeber fuilter do see ALL the request that pass for the IIS > server, we are rejecting URL NOT for tomcat, like in /test%2Ftest.asp, > this is the wrong behaviour the user seeing, and i think it's a little > agressive, dont you? so this needs to be solved.. > > Saludos, > Ignacio J. Ortega > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
