Last modified: 2011-12-14 03:35:59 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T34986, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 32986 - img_auth.php creates redirect loop while trying to make IE safe url when filename is like "'IIMV4.1'.pdf"
img_auth.php creates redirect loop while trying to make IE safe url when file...
Status: NEW
Product: MediaWiki
Classification: Unclassified
File management (Other open bugs)
1.18.x
All All
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-12-12 14:25 UTC by Coool
Modified: 2011-12-14 03:35 UTC (History)
4 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Coool 2011-12-12 14:25:57 UTC 
After upgrade from MediaWiki 1.17 to 1.18 I can't download anymore pdf files which contains ' (URL encoded as %27) in filename. Apache web server say too many redirects (configured default 10) and file name generates as 'filename'.pdf?&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&* I'm using img_auth.php method getting files.
Comment 1 Bawolff (Brian Wolff) 2011-12-14 01:04:16 UTC 
Well that's interesting. When testing this http://localhost/w/phase3/index.php?title=File:%27test%27.pdf went to image page as it was supposed to, but http://localhost/w/phase3/index.php/File:%27Ntest%27.pdf did not. (Not directly same as your issue, but probably related)
Comment 2 Bawolff (Brian Wolff) 2011-12-14 01:59:52 UTC 
(In reply to comment #1)
> Well that's interesting. When testing this
> http://localhost/w/phase3/index.php?title=File:%27test%27.pdf went to image
> page as it was supposed to, but
> http://localhost/w/phase3/index.php/File:%27Ntest%27.pdf did not. (Not directly
> same as your issue, but probably related)

Or actually ignore that. Seems to have fixed itself.

----
Getting back to your issue. It seems like you need more then just the quote, you also need a period.

Steps to reproduce:
*enable img_auth.php
*upload a file named 'IIMV4.1'.pdf
*Look at the redirect loop created by img_auth
Comment 3 Bawolff (Brian Wolff) 2011-12-14 02:13:45 UTC 
cc'ing Tim since he was involved in the IE extension stuff.


So what seems to happen in my test (using file name 'IIMV4.1'.pdf )

*$_SERVER['PATH_INFO'] for some reason is "/0/01/?IIMV4.1?.pdf" (why the ' turns into a ? i'm unsure)
*First ? is ignored as not a possible extension, because isn't precedeeded by a period
*Second ? is considered terminating an extension (Aka thinks file has extension .1), so now checks that extension, see's its not in the whitelist (Since not .pdf)
*MW tries to redirect the request adding &* to the end.
*Since the actual url has ' in it instead of ?, the redirected url is detected as being ok as far as IE extension is concerned, so it thinks this won't create a loop.
*And then we repeat.

I suppose we should make the redirect loop check also check to see if the url already ends in a &*, but I'm not sure if its normal for PATH_INFO to have the weirdness of ' being replaced by ? and if some programming around that is needed.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links