Posted to bugs@httpd.apache.org by bu...@apache.org on 2013/10/28 12:29:43 UTC

[Bug 55712] New: Relative <!--#include virtual="../file.shtml"--> gets confused by double slashes in request URL

https://issues.apache.org/bugzilla/show_bug.cgi?id=55712

Anders Kaseorg <an...@mit.edu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Relative <!--#include       |Relative <!--#include
                   |virtual="../file.shtml      |virtual="../file.shtml"-->
                   |                            |gets confused by double
                   |                            |slashes in request URL

--- Comment #1 from Anders Kaseorg <an...@mit.edu> ---
This document at DOCUMENT_ROOT/subdir/index.shtml:

<!--#include virtual="../file.shtml"-->

obviously intends to include DOCUMENT_ROOT/file.shtml, which indeed is what it
will do when accessed through http://server/subdir/index.shtml.  However, when
accessed through http://server/subdir//index.shtml (with an extra slash), it
will instead include DOCUMENT_ROOT/subdir/file.shtml!  This leads to “[an error
occurred while processing this directive]” if the latter file doesn’t exist, or
the wrong file being included if it does.  (One could perhaps imagine this
leading to an information disclosure vulnerability in contrived cases.)

This problem exists as far back as 2.0.40, but it doesn’t seem to exist on a
1.3.x server (that isn’t mine, so I can’t say for sure).

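
Added example (not part of the original report, and not httpd code): a small Python model of the mismatch described in the comment above. It resolves the relative reference against the raw request path, then against the path with repeated slashes collapsed, and lists request paths where the two targets differ. The function names and sample request paths are constructed for illustration; how mod_include itself resolves the reference is not shown on this page.

```python
import re

# Constructed request paths for the document at DOCUMENT_ROOT/subdir/index.shtml.
SAMPLE_PATHS = [
    "/subdir/index.shtml",
    "/subdir//index.shtml",
    "//subdir/index.shtml",
]


def collapse_slashes(path):
    """Collapse runs of '/', as a filesystem lookup effectively does."""
    return re.sub(r"/{2,}", "/", path)


def resolve_segments(base_path, ref):
    """Resolve ref against base_path, counting every '/' as a segment boundary.

    An empty segment (from '//') is treated as a directory level of its own,
    so '..' can be consumed by it instead of by the real parent directory.
    base_path is assumed to start with '/'.
    """
    parts = base_path.split("/")[1:-1] + ref.split("/")  # drop the document name
    out = []
    for part in parts:
        if part == "..":
            if out:                 # never climb above the root
                out.pop()
        elif part != ".":
            out.append(part)
    return "/" + "/".join(out)


def find_divergent(request_paths, ref):
    """Return (path, url_level, normalized_first) for paths where they differ."""
    hits = []
    for path in request_paths:
        url_level = collapse_slashes(resolve_segments(path, ref))
        normalized_first = resolve_segments(collapse_slashes(path), ref)
        if url_level != normalized_first:
            hits.append((path, url_level, normalized_first))
    return hits


if __name__ == "__main__":
    for path, got, intended in find_divergent(SAMPLE_PATHS, "../file.shtml"):
        print(f"{path}: includes {got}, author intended {intended}")
```

Only /subdir//index.shtml is reported: the leading double slash in //subdir/index.shtml does not change the target, because the empty segment there sits above the directory that ".." removes.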