Closed Bug 187868 Opened 22 years ago Closed 17 years ago

<segment>/../ is converted to <segment>/ in absolute URIs

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX
Milestone:
Future

People

(Reporter: dsmutil, Unassigned)

References

(
URL
)

Details

(Keywords: verifyme)

User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.3a) Gecko/20021212 Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.3a) Gecko/20021212 In an absolute URL, such as the one listed above, the "/.." is parsed out of the path as if it were a relative link. RFC 2396 says that "." and ".." only have a special meaning when "interpreting a relative path" and not in an absolute path. As I understand this, if we're at http://www.google.com/images/index.html and have an image at ../logo.gif it should go to http://www.google.com/logo.gif but if the image was at http://www.google.com/images/../logo.gif then that's the path that should be sent. (See section 5.2 of this RFC.) Reproducible: Always Steps to Reproduce: This was prompted in part by bug 87501 and bug 187845.
Yes, correct, but we always mormalize urls to make them compareable and that includes collapsing the path by removing .. segments as much as possible, so http://www.google.com/images/../logo.gif ends up as http://www.google.com/logo.gif on the client side. It should make no difference on the page/image that gets returned but helps compare urls.
That makes since, but ".." doesn't need to mean the parent folder to the server. I've never seen a web server that uses ".." as something other then the parent folder but it could be used that way.
dan: do you have a real testcase for this bug? what do other browsers do?
I did some experiments with IE 5.5 and Opera 7 beta demo (I'm not sure what else to try; I only use Mozilla). As a test, I created a web page with a single link to http://www.pusd.org/it/../public_index.asp . The page also worked when I sent the entire path to the server (with the "..") via Telnet to port 80. MSIE 5.5 - Showed the entire path in the address bar when typed (including the ".." in the path) but it actually requested the page with the truncated path. Opera 7 beta - Shortened the path like Mozilla does and then requested the shorter path.
moving out.
Target Milestone: --- → Future
Blocks: 206990
*** This bug has been marked as a duplicate of 51169 ***
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
Not the same bug. Bug 51169 deals with relative URIs that include a scheme; this bug is for an absolute URI that includes "/../" in the path.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
mass reassigning to nobody.
Assignee: dougt → nobody
Status: REOPENED → NEW
SUMMARY: Dan's point about the strict reading of the use of ".." is probably correct. However, mozilla implements the URL passing as Andreas described, and having tested a lot of the URL fixes he wrote, I doubt that anyone is going to come up with a better solution. Also, the concern was theoretical. Nobody has come back with an example (or a crazy webserver/file system) that wanted ".." to mean anything else.
Status: NEW → RESOLVED
Closed: 18 years ago17 years ago
Keywords: verifyme
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.