"Joshua J. Kugler" <isdat_private> writes: > A lot of the requests are good, it looks like he was trying to traverse the > tree. Every now and then, there are requests of the form: > > /~EgggNoggg/Testing/?D=A > > Is the ?D=A testing for some hole? No, it's just following a link that Apache's standard directory list generates - if you go to http://www.as.uaf.edu/~EgggNoggg/Testing/ and follow one of the "Name", "Size" or other column headings' links, you'll get a URL that looks like that. > Here are some other odd ones > 130.225.77.30 - - [11/May/2001:11:33:06 -0800] > "GET/~havolina/%20%20%20%20%20%20%20http://www.cicv.fr/creation_artistique/online/orlan/index.html > HTTP/1.0" 404 386 "-" "Mozilla 4.0 (compatible; HttpTool/0.1)" Nothing odd here except that the referring page - http://www.as.uaf.edu/~havolina/links.html - has a bad link. Way to go WYSIWYG editors... The other URLs you cite are all Apache-generated directory sort links. And a bit of searching solves the question of where the long recursive URL seems to come from. If you go to http://www.as.uaf.edu/sic/ and _don't_ have a password for the site, you get a page that, among other things, includes this down at the bottom: <A href="stugov/">About ASUAF</A> | Now, following that link will attempt to access http://www.as.uaf.edu/sic/stugov/ - again, without a password you get the same "please give us a password" page. And again, down at the bottom you have the HTML fragment: <A href="stugov/">About ASUAF</A> Which when followed will attempt to access http://www.as.uaf.edu/sic/stugov/stugov/ and so forth. There are at least two ways I can see of avoiding this. One is to have the links at the bottom of the page all start with /'s - so that the HTML fragment above becomes <A href="/stugov/">About ASUAF</A> Another is to include a BASE tag in the "please enter your password" page, for example: <BASE href="http://www.as.uaf.edu/sic"> I will note that another way that happens to work in this case is to leave off the trailing slash from "stugov", but that feels a bit too hackish. (I've always been touchy about leaving that trailing slash on there; sure, Apache and IIS always issue redirects from http://somewhere/something/subdir to http://somewhere/something/subdir/ but not every server necessarily behaves that way - blame my early experience with OSU's VMS-based server)
This archive was generated by hypermail 2b30 : Wed May 23 2001 - 17:30:33 PDT