Lines 4563-4568
Link Here
|
4563 |
if (strcmp(r->handler, DAV_HANDLER_NAME) != 0) |
4563 |
if (strcmp(r->handler, DAV_HANDLER_NAME) != 0) |
4564 |
return DECLINED; |
4564 |
return DECLINED; |
4565 |
|
4565 |
|
|
|
4566 |
/* At this point, we can safely assume that mod_dav is going to handle |
4567 |
* this request. So we can check existence of un-escaped # by checking |
4568 |
* URI fragment and reject requests with un-escaped # to avoid nasty results |
4569 |
*/ |
4570 |
if(r->parsed_uri.fragment != NULL){ |
4571 |
ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, NULL, |
4572 |
"Faulty client : Un-escaped '#' detected in request URI"); |
4573 |
ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, NULL, |
4574 |
"Denying the request to avoid nasty results"); |
4575 |
return dav_error_response(r, HTTP_FORBIDDEN, "Faulty client : " |
4576 |
"Un-escaped hash character detected in" |
4577 |
"request URI"); |
4578 |
} |
4579 |
|
4566 |
/* ### do we need to do anything with r->proxyreq ?? */ |
4580 |
/* ### do we need to do anything with r->proxyreq ?? */ |
4567 |
|
4581 |
|
4568 |
/* |
4582 |
/* |