You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by gr...@apache.org on 2002/10/24 22:17:01 UTC

byterange filter/redirect bug?

check this out:

[gregames@daedalus gregames]$ grep "194.65.14.76 .*binaries.* 416 "
/logs/www/weblog | wc -l
   69763

I asked root to block this IP for a while, because we are getting a couple of
these every second.  I suspect there's an httpd bug here as well as a looping
client.  We shouldn't be returning 416 "Invalid Range" for something that's
redirected, but it sure looks like we are.  I wonder what the byterange filter
does when it sees a redirect response, and there are input Range: headers?

Greg

[gregames@daedalus gregames]$ grep "194.65.14.76 .*binaries.* 416 "
/logs/www/weblog | tail
www.apache.org 194.65.14.76 - - [24/Oct/2002:13:05:32 -0700] "GET
/dist/httpd/binaries/win32/apache_1.3.27-win32-x86-no_src.exe HTTP/1.1" 416 387
"http://www.apache.org/dist/httpd/binaries/win32/" "Mozilla/4.0 (compatible;
MSIE 5.00; Windows 98)"
www.apache.org 194.65.14.76 - - [24/Oct/2002:13:05:32 -0700] "GET
/dist/httpd/binaries/win32/apache_1.3.27-win32-x86-no_src.exe HTTP/1.1" 416 387
"http://www.apache.org/dist/httpd/binaries/win32/" "Mozilla/4.0 (compatible;
MSIE 5.00; Windows 98)"
www.apache.org 194.65.14.76 - - [24/Oct/2002:13:05:33 -0700] "GET
/dist/httpd/binaries/win32/apache_2.0.43-win32-x86-no_ssl.exe HTTP/1.1" 416 387
"http://www.apache.org/dist/httpd/binaries/win32/" "Mozilla/4.0 (compatible;
MSIE 5.00; Windows 98)"
www.apache.org 194.65.14.76 - - [24/Oct/2002:13:05:33 -0700] "GET
/dist/httpd/binaries/win32/apache_2.0.43-win32-x86-no_ssl.exe HTTP/1.1" 416 387
"http://www.apache.org/dist/httpd/binaries/win32/" "Mozilla/4.0 (compatible;
MSIE 5.00; Windows 98)"

Re: byterange filter/redirect bug?

Posted by gr...@apache.org.

gregames@apache.org wrote:
 
>    We shouldn't be returning 416 "Invalid Range" for something that's
> redirected, but it sure looks like we are.  I wonder what the byterange filter
> does when it sees a redirect response, and there are input Range: headers?

To answer my own question, it's definately busted.  I'll work up a patch for
daedalus to bail out of the byterange filter if the status isn't 200 HTTP_OK
upon entry, then look at the RFC and 1.3 to see if that's the right solution.

Greg

[gregames@gandalf netcat]$ cat redirect.no_br
HEAD /dist/httpd/binaries/win32/apache_2.0.43-win32-x86-no_ssl.exe HTTP/1.1
Host: www.apache.org

[gregames@gandalf netcat]$ nc www.apache.org 80 < redirect.no_br
HTTP/1.1 302 Found
Date: Fri, 25 Oct 2002 13:55:53 GMT
Server: Apache/2.0.43 (Unix)
Location:
http://nagoya.apache.org/dist/httpd/binaries/win32/apache_2.0.43-win32-x86-no_ssl.exe
Content-Type: text/html; charset=iso-8859-1

[gregames@gandalf netcat]$ cat redirect.br16k
HEAD /dist/httpd/binaries/win32/apache_2.0.43-win32-x86-no_ssl.exe HTTP/1.1
Host: www.apache.org
Range: bytes=16000-

[gregames@gandalf netcat]$ nc www.apache.org 80 < redirect.br16k
HTTP/1.1 416 Requested Range Not Satisfiable
Date: Fri, 25 Oct 2002 13:56:23 GMT
Server: Apache/2.0.43 (Unix)
Content-Type: text/html; charset=iso-8859-1