[prev in list] [next in list] [prev in thread] [next in thread]
List: mono-devel-list
Subject: [Mono-dev] mod-mono/XSP - HttpRequest.Path is unenescaped twice from the raw URL that came over the
From: Jared Watts <jared () symform ! com>
Date: 2012-04-10 20:52:04
Message-ID: 84DD5FE37A599D439AFD71AD5F760AA076689A07 () EXMBX07 ! netplexity ! local
[Download RAW message or body]
I opened the following bug on this issue, but was wondering if the dev list had any \
thoughts: https://bugzilla.xamarin.com/show_bug.cgi?id=4135
Basically, in our mod-mono/XSP setup, the raw URL coming into mod-mono is unescaped a \
second time when accessing the HttpRequest.Path property. This change was made in \
the following revision: \
https://github.com/mono/mono/commit/dbc7b5c86c9c7d4001e28d5c63f1c774ec0a64a0
Does anyone have insight into why the HttpRequest.Path property would get unescaped \
again after it was already unescaped by mod-mono and passed along to XSP? What \
functionality necessitates the path to get unescaped again? I would think that a Http \
server should only unescape the URL one time.
It actually breaks functionality (unhandled ArgumentException) with certain URLs, \
more details are in the bug<https://bugzilla.xamarin.com/show_bug.cgi?id=4135>.
Requested URL on the wire = /File/101497/1L%25001!.WPD?format=bin
HttpRequest.RawUrl = /File/101497/3L%001!.WPD?format=bin
HttpRequest.Path = /File/101497/3L^@1!.WPD<mailto:/File/101497/3L%5e@1!.WPD> <--Null \
character (unescaped %00)
Any thoughts? Thanks!
- jared
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type \
content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 \
(filtered medium)"><style><!-- /* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Courier New";}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div \
class=WordSection1><p class=MsoNormal>I opened the following bug on this issue, but \
was wondering if the dev list had any thoughts:<o:p></o:p></p><p class=MsoNormal><a \
href="https://bugzilla.xamarin.com/show_bug.cgi?id=4135">https://bugzilla.xamarin.com/show_bug.cgi?id=4135</a><o:p></o:p></p><p \
class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Basically, in our \
mod-mono/XSP setup, the raw URL coming into mod-mono is unescaped a second time when \
accessing the HttpRequest.Path property. This change was made in the following \
revision:<o:p></o:p></p><p class=MsoNormal><a \
href="https://github.com/mono/mono/commit/dbc7b5c86c9c7d4001e28d5c63f1c774ec0a64a0">ht \
tps://github.com/mono/mono/commit/dbc7b5c86c9c7d4001e28d5c63f1c774ec0a64a0</a><o:p></o:p></p><p \
class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Does anyone have insight into \
why the HttpRequest.Path property would get unescaped again after it was already \
unescaped by mod-mono and passed along to XSP? What functionality necessitates \
the path to get unescaped again? I would think that a Http server should only \
unescape the URL one time.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p \
class=MsoNormal>It actually breaks functionality (unhandled ArgumentException) with \
certain URLs, more details are in the <a \
href="https://bugzilla.xamarin.com/show_bug.cgi?id=4135">bug</a>.<o:p></o:p></p><p \
class=MsoNormal><o:p> </o:p></p><p class=MsoNormal \
style='background:#E8E8E8'><span style='font-size:13.5pt;font-family:"Courier \
New";color:black'>Requested URL on the wire = \
/File/101497/1L%25001!.WPD?format=bin<o:p></o:p></span></p><p class=MsoNormal \
style='background:#E8E8E8'><span style='font-size:13.5pt;font-family:"Courier \
New";color:black'>HttpRequest.RawUrl = \
/File/101497/3L%001!.WPD?format=bin<o:p></o:p></span></p><p class=MsoNormal \
style='background:#E8E8E8'><span style='font-size:13.5pt;font-family:"Courier \
New";color:black'>HttpRequest.Path = <a \
href="mailto:/File/101497/3L%5e@1!.WPD">/File/101497/3L^@1!.WPD</a> <--Null \
character (unescaped %00)<o:p></o:p></span></p><p \
class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p \
class=MsoNormal>Any thoughts? Thanks!<o:p></o:p></p><p \
class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>- \
jared<o:p></o:p></p></div></body></html>
_______________________________________________
Mono-devel-list mailing list
Mono-devel-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-devel-list
--===============0968384992==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic