bad-behavior framework blocks Gecko/25 User-Agent string

RESOLVED INVALID

People

(Reporter: karlcow, Unassigned)

Details

(Whiteboard: [sitewait] [lib-badbehavior] [serversniff])

(Reporter)

Description

5 years ago
When Firefox OS/Firefox Android contains Gecko/25, the framework bad-behavior blocks the user agent string with a 403.

GET / HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate, compress
Host: www.sansimera.gr
User-Agent: Android Mobile Gecko/25

HTTP/1.1 403 Bad Behavior
Content-Encoding: gzip
Content-Length: 740
Content-Type: text/html; charset=UTF-8
Date: Tue, 29 Oct 2013 21:15:26 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_bwlimited/1.4
Vary: User-Agent,Accept-Encoding
X-Powered-By: PHP/5.3.24


Any string which is of the form "Gecko/25.*" is being blocked: Gecko/252, Gecko/2525, etc., even Gecko/25a.

In the source code of the framework, we can see in the file blacklist.inc.php, line 86 of the version 2.2.14
http://downloads.wordpress.org/plugin/bad-behavior.2.2.14.zip

		"Gecko/2525",		// revisit this in 500 years
(Reporter)

Comment 1

5 years ago
Contact page is http://bad-behavior.ioerror.us/contact/
(Reporter)

Updated

5 years ago
See Also: → bug 932026
(Reporter)

Comment 2

5 years ago
Contacted the owner
Whiteboard: [contactready] [lib-badbehavior] [serversniff] → [sitewait] [lib-badbehavior] [serversniff]
(Reporter)

Comment 3

5 years ago
Closing as INVALID. New version of Bad Behavior behaves correctly.

> I cannot reproduce this with Bad Behavior 2.2.14. This update, released April 9, 2013, 
> contains a fix for this issue. As you can see, it was released well in advance of Firefox 25.
> 
> The corrected User-Agent blacklist string targets a malicious User-Agent which contains
> "Gecko/2525" which was followed by an obviously false month and day, in the manner in 
> which Mozilla products previously structured this part of the User-Agent. Prior to the 
> change, it would match anything that contained "Gecko/25". This change was made in 
> response to Mozilla's changing of the structure of the User-Agent string.
> 
> The most likely cause is that they did not apply the update to 2.2.14 correctly 
> (or at all). I would recommend that they remove their existing copy and upload a 
> fresh copy.
> 
> If you wish, you may refer the user to Bad Behavior's bug tracker at 
> http://redmine.ioerror.us/projects/bad-behavior
>
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → INVALID
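
The substring behaviour described in the quoted reply, as an added example that is not part of the bug thread and not Bad Behavior's own code. The function names are hypothetical, the case-sensitive substring test is an assumption, and every sample User-Agent except the one from the report is constructed.

```php
<?php
// Added illustration, not Bad Behavior source. Function names are hypothetical.

// Assumption: a blacklist entry blocks a request when it occurs anywhere in the
// User-Agent header (plain, case-sensitive substring test).
function ua_blacklist_hit(string $ua, array $entries): ?string
{
    foreach ($entries as $entry) {
        if (strpos($ua, $entry) !== false) {
            return $entry;          // first entry found in the header
        }
    }
    return null;                    // nothing matched, request is allowed
}

// Labels of the legitimate samples that a given blacklist would reject.
function false_positives(array $samples, array $entries): array
{
    $blocked = [];
    foreach ($samples as $label => $s) {
        if ($s['legit'] && ua_blacklist_hit($s['ua'], $entries) !== null) {
            $blocked[] = $label;
        }
    }
    return $blocked;
}

// Sample headers. Only the first is taken from the report; the rest are constructed.
$samples = [
    'report test string' => ['legit' => true,  'ua' => 'Android Mobile Gecko/25'],
    'Firefox OS 25'      => ['legit' => true,  'ua' => 'Mozilla/5.0 (Mobile; rv:25.0) Gecko/25.0 Firefox/25.0'],
    'Firefox Android 25' => ['legit' => true,  'ua' => 'Mozilla/5.0 (Android; Mobile; rv:25.0) Gecko/25.0 Firefox/25.0'],
    'Firefox desktop 25' => ['legit' => true,  'ua' => 'Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0'],
    'spoofed date token' => ['legit' => false, 'ua' => 'Mozilla/5.0 (Windows; U) Gecko/25250101 Firefox/3.0'],
];

$lists = [
    'before fix' => ['Gecko/25'],    // entry as the quoted reply describes it
    'after fix'  => ['Gecko/2525'],  // entry quoted in the report (blacklist.inc.php)
];

foreach ($lists as $name => $entries) {
    $fp = false_positives($samples, $entries);
    $spoof = ua_blacklist_hit($samples['spoofed date token']['ua'], $entries);
    printf("%s: spoofed UA %s, legitimate UAs blocked: %s\n",
        $name,
        $spoof === null ? 'allowed' : 'blocked',
        $fp ? implode(', ', $fp) : 'none');
}
```

Feeding a site's deployed blacklist entries through the same check against a set of current browser User-Agent strings shows whether an update such as 2.2.14 was actually applied.
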
(Reporter)

Updated

5 years ago
See Also: → bug 935657
(Reporter)

Updated

5 years ago
Blocks: 935657