Closed Bug 187868 Opened 22 years ago Closed 16 years ago

<segment>/../ is converted to <segment>/ in absolute URIs

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX
Milestone:
Future

People

(Reporter: dsmutil, Unassigned)

References

(
URL
)

Details

(Keywords: verifyme) 

User-Agent:       Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.3a) Gecko/20021212
Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.3a) Gecko/20021212

In an absolute URL, such as the one listed above, the "/.." is parsed out of the
path as if it were a relative link. RFC 2396 says that "." and ".." only have a
special meaning when "interpreting a relative path" and not in an absolute path.
As I understand this, if we're at http://www.google.com/images/index.html and
have an image at ../logo.gif it should go to http://www.google.com/logo.gif but
if the image was at http://www.google.com/images/../logo.gif then that's the
path that should be sent. (See section 5.2 of this RFC.)

Reproducible: Always

Steps to Reproduce:




This was prompted in part by bug 87501 and bug 187845.
Yes, correct, but we always mormalize urls to make them compareable and that
includes collapsing the path by removing .. segments as much as possible, so
http://www.google.com/images/../logo.gif ends up as
http://www.google.com/logo.gif on the client side. It should make no difference
on the page/image that gets returned but helps compare urls. 

That makes since, but ".." doesn't need to mean the parent folder to the server.
I've never seen a web server that uses ".." as something other then the parent
folder but it could be used that way.
dan: do you have a real testcase for this bug?  what do other browsers do?
I did some experiments with IE 5.5 and Opera 7 beta demo (I'm not sure what else
to try; I only use Mozilla). As a test, I created a web page with a single link
to http://www.pusd.org/it/../public_index.asp . The page also worked when I sent
the entire path to the server (with the "..") via Telnet to port 80.

MSIE 5.5 - Showed the entire path in the address bar when typed (including the
".." in the path) but it actually requested the page with the truncated path.

Opera 7 beta - Shortened the path like Mozilla does and then requested the
shorter path.
moving out.
Target Milestone: --- → Future
Blocks: 206990

*** This bug has been marked as a duplicate of 51169 ***
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
Not the same bug. Bug 51169 deals with relative URIs that include a scheme; this bug is for an absolute URI that includes "/../" in the path.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
mass reassigning to nobody.
Assignee: dougt → nobody
Status: REOPENED → NEW
SUMMARY:

Dan's point about the strict reading of the use of ".." is probably correct.

However, mozilla implements the URL passing as Andreas described, and having tested a lot of the URL fixes he wrote, I doubt that anyone is going to come up with a better solution.

Also, the concern was theoretical. Nobody has come back with an example (or a crazy webserver/file system) that wanted ".." to mean anything else.
Status: NEW → RESOLVED
Closed: 18 years ago16 years ago
Keywords: verifyme
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.