[Bug 224956] New: apache2: ErrorDocument in /cgi-bin
https://bugzilla.novell.com/show_bug.cgi?id=224956 Summary: apache2: ErrorDocument in /cgi-bin Product: SUSE Linux 10.1 Version: Final Platform: Other OS/Version: SuSE Linux 10.1 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: guido@imperia.net QAContact: qa@suse.de Internal server errors in cgi scripts are not handled correctly in a vanilla apache installation. There is something wrong with the ErrorDocument directive. To reproduce: Install the apache2-2.2.0-21.7 rpm, start apache with the default configuration and then "cat /dev/null >/srv/www/cgi-bin/broken.sh". Then access the URL http://localhost/cgi-bin/broken.pl. The error page (see below) in the response is of Content-Type application/x-shellscript instead of text/html, and consequently most browsers will offer to download the page instead of displaying it inline. Apart from that, the error page also says "Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request." As a consequence, the visitor of the broken URI never seens an error message. # telnet localhost 80 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. GET /cgi-bin/broken.sh HTTP/1.1 Host: localhost Connection: close HTTP/1.1 500 Internal Server Error Date: Thu, 30 Nov 2006 16:49:44 GMT Server: Apache/2.2.0 (Linux/SUSE) Content-Length: 0 Connection: close Content-Type: application/x-shellscript <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>500 Internal Server Error</title> </head><body> <h1>Internal Server Error</h1> <p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p> <p>Please contact the server administrator, webmaster@imperia.net and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p> <p>More information about this error may be available in the server error log.</p> <p>Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.</p> <hr> <address>Apache/2.2.0 (Linux/SUSE) Server at localhost Port 80</address> </body></html> Connection closed by foreign host. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=224956 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |guido@imperia.net ------- Comment #1 from mhorvath@novell.com 2006-12-01 08:29 MST ------- Please attach your /var/log/apache2 . Thank you. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=224956 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Info Provider|guido@imperia.net | Resolution| |WONTFIX ------- Comment #2 from mhorvath@novell.com 2006-12-11 14:46 MST ------- Please reopen the bug if you can provide the needed information, thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=224956 suse-beta@cboltz.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Component|Network |Network Product|SUSE Linux 10.1 |openSUSE 10.2 Resolution|WONTFIX | ------- Comment #3 from suse-beta@cboltz.de 2006-12-21 14:06 MST ------- This bug is easily reproducable as described in the initial comment on 10.2 final. An easier way to reproduce is - touch /srv/www/cgi-bin/broken.sh - open http://localhost/cgi-bin/broken.sh in your favorite browser Expected result: the browser shows a 500 page Actual result: the browser offers to download the empty file The Apache logs show: access_log: 127.0.0.1 - - [21/Dec/2006:21:55:25 +0100] "GET /cgi-bin/broken.sh HTTP/1.0" 500 - "-" "-" 127.0.0.1 - - [21/Dec/2006:21:56:22 +0100] "GET /cgi-bin/broken.sh HTTP/1.0" 500 - "-" "-" error_log: [Thu Dec 21 21:55:32 2006] [error] [client 127.0.0.1] (13)Permission denied: exec of '/srv/www/cgi-bin/broken.sh' failed [Thu Dec 21 21:55:32 2006] [error] [client 127.0.0.1] Premature end of script headers: broken.sh [Thu Dec 21 21:56:27 2006] [error] [client 127.0.0.1] (8)Exec format error: exec of '/srv/www/cgi-bin/broken.sh' failed [Thu Dec 21 21:56:27 2006] [error] [client 127.0.0.1] Premature end of script headers: broken.sh The first try was directly after the touch'ing the file, the second after a chmod +x. However, the reason of the failure is completely unimportant - it's just important to enforce the Content-Type header to "text/html" for error documents. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=224956 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |poeml@novell.com |screening@forge.provo.novell| |.com | Status|REOPENED |NEW -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=224956 poeml@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE ------- Comment #4 from poeml@novell.com 2007-02-09 12:27 MST ------- found it... *** This bug has been marked as a duplicate of bug 189271 *** -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com