wu :: forums
        (http://www.ocf.berkeley.edu/~wwu/cgi-bin/yabb/YaBB.cgi)
      

        riddles >> suggestions, help, and FAQ >> A character string that causes server error
        
(Message started by: fiziwig on Jun 13th, 2007, 6:15pm)
Title: A character string that causes server error
Post by fiziwig on Jun 13th, 2007, 6:15pm
The character string consisting of the four characters:
double quote
percent sign
r (lower case)
double quote

anywhere in the submitted text causes the server to reply with the message:

Bad Request

Your browser sent a request that this server could not understand.
Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.8e Server at www.ocf.berkeley.edu Port 80

when the "Post" button is clicked.
Title: Re: A character string that causes server error
Post by towr on Jun 14th, 2007, 1:56am
Just the percent sign is enough to cause a problem at the moment.

And when I try to delete old PMs or posts, I get

Quote:
Method Not Implemented

GET to /~wwu/cgi-bin/yabb/YaBB.cgi not supported.
Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.8e Server at www.ocf.berkeley.edu Port 80
Title: Re: A character string that causes server error
Post by Grimbal on Jun 14th, 2007, 3:32am
%20 works.
00 instead of 20 doesn't.

As I said, I suspect there is an URLDecode going on, and a °/o without a valid code either creates an exception or is refused as suspect.

There must be a new firewall somewhere.
Title: Re: A character string that causes server error
Post by towr on Jun 21st, 2007, 9:58am
The problem that caused the error when trying to delete posts has been fixed, so you can recommence hiding your mistakes ;)

They're still searching for the percent-sign problem though.
Title: Re: A character string that causes server error
Post by towr on Jun 21st, 2007, 1:44pm
And now we can also post % to our hearts content again.

[e]actually, there's still a few strings beginning with % that don't work (like with 00), but I doubt they'll be a problem.[/e]
Title: Re: A character string that causes server error
Post by Grimbal on Jun 22nd, 2007, 5:19am
%

wow!

I've never appreciated the simple pleasure of posting a % sign before.
Title: Re: A character string that causes server error
Post by Sameer on Jun 22nd, 2007, 4:34pm

on 06/22/07 at 05:19:27, Grimbal wrote:
%

wow!

I've never appreciated the simple pleasure of posting a % sign before.


Did you anticipate this appreciation?

I would  have seen you try this flow

1) Put % in the typing box
2) Press "Post"
3) Be amazed that the post actually showed up
4) Press "Edit" to type in the appreciation of the simple pleasure you just experience

;)
Title: Re: A character string that causes server error
Post by JiNbOtAk on Jul 4th, 2007, 3:00am

on 06/22/07 at 16:34:32, Sameer wrote:
Did you anticipate this appreciation?

I would  have seen you try this flow

1) Put % in the typing box
2) Press "Post"
3) Be amazed that the post actually showed up
4) Press "Edit" to type in the appreciation of the simple pleasure you just experience

;)


Hehe, Sameer, nice observation on Grimby's ESP prowess   ;D
Title: Re: A character string that causes server error
Post by denis on Jul 9th, 2007, 7:11pm
I get the famous  "Bad Request Your browser sent a request that this server could not understand " whenever I have the umlaut (the double dot) over a vowel like in naive (here I used only the single dot on the "i" just so it could post this).

I suspect letters with french accents might also be affected but haven't tried.
Title: Re: A character string that causes server error
Post by Grimbal on Jul 10th, 2007, 1:08am
ï?
Title: Re: A character string that causes server error
Post by Grimbal on Jul 10th, 2007, 1:42am
The post above is the UTF-8 encoding of i-with-2-dots. The A-tilde alone (and all french accentuated characters I tested) are rejected.
One explanation I see is that there is a firewall that filters incoming requests and rejects anything suspicious.  It assumes the post is UTF-8 and tries to decode it.  If it cannot do that, it rejects the request.
Title: Re: A character string that causes server error
Post by denis on Jul 10th, 2007, 6:59am
Thanks for checking this Grimbal. I suspected as much.

My problem occurred when I was trying to put up my longest post (Framed!) so I thought it was the large size. But then I compared the size against the incredibly long riddle "Feux d'artifice" from Iceman. Mine had less text so I had to search out the problem by adding one paragraph at a time until I found the offending paragraph, then the offending sentence and then the offending word.
Title: Re: A character string that causes server error
Post by SMQ on Jul 12th, 2007, 12:10pm
Percent may be working; ampersand (http://www.ocf.berkeley.edu/~wwu/YaBBImages/symbols/amp.gif) seems to still cause errors.  This can be a problem when posting code...

--SMQ
Title: Re: A character string that causes server error
Post by towr on Jul 12th, 2007, 12:28pm
I seem to have no problems posting &
Title: Re: A character string that causes server error
Post by towr on Jul 12th, 2007, 12:47pm
(http://www.ocf.berkeley.edu/~wwu/YaBBImages/symbols/amp.gif(  seems to give a error, 501 "Method Not Implemented"
So that's different in nature than the 400 "bad request" the % gave. I cant' seem to find a lot of combinations with & that give a problem though.
Title: Re: A character string that causes server error
Post by SMQ on Jul 12th, 2007, 12:48pm
Hmm, this post (http://www.ocf.berkeley.edu/~wwu/cgi-bin/yabb/YaBB.cgi?board=riddles_cs;action=display;num=1184237361;message=3#3) of mine was throwing a server error until I replaced the & with its image.  I'll try a few experiments.

Edit: the magic expression seems to be: /\([^0-9A-Za-z_]*&[^0-9A-Za-z_]*\(/ -- i.e. open-paren, optionally any string of entirely non-alphanumeric characters excluding underscore, ampersand, optionally any string of entirely non-alphanumeric characters excluding underscore, open-paren.  Very odd.

--SMQ
Title: Re: A character string that causes server error
Post by Sameer on Jul 12th, 2007, 1:16pm

on 07/12/07 at 12:47:00, towr wrote:
(http://www.ocf.berkeley.edu/~wwu/YaBBImages/symbols/amp.gif(  seems to give a error, 501 "Method Not Implemented"
.

er. the message seems scary.. looks like somebody could execute something on the server by passing appropriate string..  :-/
Title: Re: A character string that causes server error
Post by SMQ on Jul 12th, 2007, 1:20pm

on 07/12/07 at 13:16:37, Sameer wrote:
er. the message seems scary..

Nah, it means "method" in the HTML sense, e.g. GET, POST, PUT, etc.  It's just a very odd string to trigger a server error...

--SMQ
Title: Re: A character string that causes server error
Post by towr on Jul 12th, 2007, 1:30pm
The question is, is it something I ought to bother William or the OCF staff with?
We could throw in the umlauts as well..
I'm just always a bit hesitant when it's not really a huge problem. On the other hand, perhaps they'd rather know sooner than later.
Title: Re: A character string that causes server error
Post by JiNbOtAk on Jul 12th, 2007, 6:31pm

on 07/12/07 at 13:30:09, towr wrote:
The question is, is it something I ought to bother William or the OCF staff with?


Of course we should tell them. It may be trivial, but I'm sure they'd want to know.


Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright © 2000-2004 Yet another Bulletin Board