#639 HTTP redirect for dir → dir/ causes endless loop

Reporter Zash
Owner Zash
Created
Updated
Stars (0)  
Tags
  • Milestone-0.9
  • Status-Fixed
  • Type-Defect
  • mod_http_files
  • Priority-Medium
  1. Zash on

    What steps will reproduce the problem? 1. Enable mod_http_files and point to a directory that contains a subdirectory 2. GET /files/subdir/ What is the expected output? 200 OK and index.html or 403 if no index found What do you see instead? 301 redirect to same path What version of the product are you using? Affects 0.9, 0.10 and trunk The first bad revision is: http://hg.prosody.im/0.9/rev/e9f07febafb3 mod_http_files: Santize the path relative to our base URL before translating it to a filesystem path, fixes a relative path traversal vulnerability The cause appears to be that <code>sanitize_path("subdir/")</code> returns "/subdir". Then the code that is meant to redirect /subdir to /subdir/ does its thing.

  2. Zash on

    Changes
    • tags mod_http_files Milestone-0.9 Status-Started
    • owner Zash
  3. Zash on

    Fixed in http://hg.prosody.im/0.9/rev/20246b139607

    Changes
    • tags Status-Fixed

New comment