knoppix.nl - server sends *.iso files as plain/text, so they will open in the browser window

RESOLVED FIXED

Status

Tech Evangelism Graveyard
Dutch
P3
normal
RESOLVED FIXED
13 years ago
3 years ago

People

(Reporter: Alexey Fisher, Unassigned)

Tracking

Details

(URL)

(Reporter)

Description

13 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20051017 Firefox/1.6a1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20051017 Firefox/1.6a1

if try to download any *.iso file from
http://ftp.knoppix.nl/os/Linux/distr/knoppix/ , browser try to open file as
plain text in browser window. If file is too big browser hang ore freez till i
kill it with prozess meneger. Possible Buffer-Overflow

Reproducible: Always

Steps to Reproduce:
1.Go to http://ftp.knoppix.nl/os/Linux/distr/knoppix/
2.Open any link with *.iso extension for examle
http://ftp.knoppix.nl/os/Linux/distr/knoppix/KNOPPIX_V4.0.2CD-2005-09-23-EN.iso
3. Wait

Actual Results:  
Trying to open in the browser window.

Expected Results:  
Download the link with download manager ore ask what to do with it.
It's opened in the browser window by default because the server sends
  Content-Type: text/plain; charset=UTF-8
instead of some type that would be interpreted as a binary file.

The browser doesn't seem to be truly hung, it's just unresponsive as it tries to
display such a large amount of data. It does eventually respond to menu clicks
(but it's effectively useless), purify doesn't find any memory errors. I think
this is just a DoS at best.
Group: security

Comment 2

13 years ago
Unusablity for large page, see for example bug 99943.  As for the fact the ISO
is sent as text, I guess that is TE.

Updated

13 years ago
Assignee: nobody → dutch
Severity: critical → normal
Status: UNCONFIRMED → NEW
Component: Download Manager → Dutch
Ever confirmed: true
OS: Windows XP → All
Product: Firefox → Tech Evangelism
QA Contact: download.manager → dutch
Hardware: PC → All
Summary: trying to open *.iso file as plain/text in browser window, if file is big browser freezd → knoppix.nl - server sends *.iso files as plain/text, so they will open in the browser window

Comment 3

13 years ago
Going to that site, i get a "Welcome at ftp.nluug.nl".

Assuming that nluug.nl are the true webmasters. Sent an e-mail to info@nluug.nl
Priority: -- → P3

Comment 4

13 years ago
Got msg from web master that he changed the content type.

And indeed this is fixed; marking as such.
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → FIXED
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in before you can comment on or make changes to this bug.