Page MenuHomePhabricator
Create Task
Maniphest T11204

Slash (/) entered as %2F causes 404 file not found error
Closed, ResolvedPublic
Actions

Description

Author: harryboyles

Description:
I've got a Firefox keyword search bookmark created (so that when i type "wpgo
Main Page" it will take me to the enwiki Main Page). This works fine if the page
is not a subpage. However, when it is, Firefox replaces the / with %2F, colon :
with %3A, etc (in the case of
http://en.wikipedia.org/wiki/User%3AHarryboyles%2FStatus). The %2F causes a 404
file not found error to occur. I'm not sure whether this is a Firefox issue,
Wikimedia issue or MediaWiki issue.

Version: unspecified
Severity: normal
Platform: PC

Details

Reference
bz9204

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 9:39 PM
bzimport added projects: WMF-General-or-Unknown, Shell.
bzimport set Reference to bz9204.
bzimport created this task.Mar 7 2007, 10:29 AM
Raymond added a comment.Mar 7 2007, 10:32 AM
  • Bug 9205 has been marked as a duplicate of this bug. ***
brion added a comment.Mar 7 2007, 11:15 PM

This is a low-level "feature" in Apache.

brion added a comment.Oct 24 2007, 2:38 PM
  • Bug 11735 has been marked as a duplicate of this bug. ***
AzaToth added a comment.Nov 8 2007, 10:55 PM

See http://httpd.apache.org/docs/2.0/mod/core.html#allowencodedslashes how to fix this. in my opinion, it should be fixed, as I think there is no security issue here in danger by allowing encoded hashes.

brion added a comment.Nov 13 2007, 4:04 PM

When we've upgraded every server to Apache 2, we'll take a peek. :)

Catrope added a comment.Nov 13 2007, 4:23 PM

(In reply to comment #5)

When we've upgraded every server to Apache 2

Do you mean WMF servers still run Apache 1.3? *shock*

P.Copp added a comment.Feb 6 2009, 7:31 PM

*** Bug 17389 has been marked as a duplicate of this bug. ***

MZMcBride added a comment.Feb 6 2009, 7:33 PM

Reopening.

(1) Makes it easier to find when searching to avoid dupes.
(2) This should probably be looked at again. How far along is the transition to Apache 2?

MZMcBride added a comment.Feb 11 2009, 9:17 PM

This blog post details five ways to solve this issue: http://www.jampmark.com/web-scripting/5-solutions-to-url-encoded-slashes-problem-in-apache.html

brion added a comment.Feb 11 2009, 9:23 PM

Note four of those ways are "don't encode them that way", and one is to use the configuration option in Apache 2 mentioned above to disable the stupid restriction. :)

Complete Apache 2 use is still pending on completion of the Ubuntu migration -- filing this as bug 17452 so we have it in the dependency tree.

*After* the migration is completed we can go ahead and disable the check. Until then it should remain on so behavior will remain consistent.

Reedy added a comment.Dec 1 2010, 6:24 PM

Ping

tstarling added a comment.Mar 24 2011, 3:04 AM

Done.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL