Steps carried out to reproduce the bug #96121
a) Created login.html having a file upload form element and a submit button.
b) Set action of the post method of the form to “hello.cgi”
c) Created a hello.cgi
d) Restricted permission to html and cgi documents on the server.
Stack trace :
##############################################################
First request to fetch login.html
##############################################################
--> [
GET /login.html HTTP/1.1
Host: buyer03.office.aol.com:2000
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.6+) Gecko/20011204
Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9, image/png, image/jpeg, image/gif;q=0.2,
text/plain;q=0.8, text/css, */*;q=0.1
Accept-Language: en-us
Accept-Encoding: gzip, deflate, compress;q=0.9
Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
Keep-Alive: 300
Connection: keep-alive
]
################################################################
Server responds with 401 error, making the client pop up a window for
accepting username and password from the user
################################################################
<-- [
HTTP/1.1 401 Unauthorized
Server: Netscape-Enterprise/4.1
Date: Fri, 07 Dec 2001 02:39:33 GMT
WWW-authenticate: Basic realm="DOCS TEST"
Content-length: 223
Content-type: text/html
Connection: close
Unauthorized
Unauthorized
Proper authorization is required for this area. Either your browser does not perform authorization, or your authorization has
failed.
]
##########################################################################################
The client now resends the same request ( for login.html) back to the server with the encrypted username and
password after fetching the username password from the user, in the Authorization header
###########################################################################################
--> [
GET /login.html HTTP/1.1
Host: buyer03.office.aol.com:2000
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.6+) Gecko/20011204
Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9, image/png, image/jpeg, image/gif;q=0.2,
text/plain;q=0.8, text/css, */*;q=0.1
Accept-Language: en-us
Accept-Encoding: gzip, deflate, compress;q=0.9
Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
Keep-Alive: 300
Connection: keep-alive
Authorization: Basic dXNlcjE6dXNlcjE=
]
################################################################
The server authorizes and sends the response
################################################################
<-- [
HTTP/1.1 200 OK
Server: Netscape-Enterprise/4.1
Date: Fri, 07 Dec 2001 02:39:40 GMT
Content-type: text/html
Etag: "78617657-1-242-3c102322"
Last-modified: Fri, 07 Dec 2001 02:02:10 GMT
Content-length: 578
Accept-ranges: bytes
This is to test the mozilla bug 96121
]
--> [
GET /favicon.ico HTTP/1.1
Host: buyer03.office.aol.com:2000
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.6+) Gecko/20011204
Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9, image/png, image/jpeg, image/gif;q=0.2,
text/plain;q=0.8, text/css, */*;q=0.1
Accept-Language: en-us
Accept-Encoding: gzip, deflate, compress;q=0.9
Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
Keep-Alive: 300
Connection: keep-alive
Authorization: Basic dXNlcjE6dXNlcjE=
]
<-- [
HTTP/1.1 200 OK
Server: Netscape-Enterprise/4.1
Date: Fri, 07 Dec 2001 02:39:40 GMT
Content-type: image/x-icon
Content-length: 1406
h(@ÿÿÿçÿÿÿÿ÷ûÿÖûÿç÷ÿçïÿÖïÿçëÿÖçÿÖÛÿÿÓÿïÓÿçÓÿÞÓÿÖÓÿÿÿÿçÿ÷÷÷÷÷ª÷çª÷Ϊ÷½ª÷ª÷çÿïÖûï÷÷ïïïï
ïïcëï
×ïÿÓïcËï
ºïc¦ï
ïïïÖï½ïïïcïïaïÎaï¥aï
aïcaïÖûç9ççÿÓç9ºç÷ªç9ç9eçB<çç8ç½8ç8çc8çÖûÞÿÓÞÿûÖïûÖçûÖÞûÖÖûÖÿïÖ
ïÖÿçÖçãÖÿÛÖÖ×Ö×ÖÿÓÖªÖïÖyÖMÖÖÖÖ{ÖJÖ!ÖcëÎïaÎ
ï½9ç½½¾½ï½ç8½²µµeµAµµµµcµ9µµ×ÎËÖc륥¦¥¥¢¥ïa¥
ïï9ç²mQç80µkR1ïï
Öï
½ï
ï
ï
cë
ï×
ïº
ï
¥
ï
ïa
×{Ö{suskkïëcÎëc¥ëc
ëccëc9çcïËc²cï¦c¥cïc{}ecïaQcç8$cµcc
cR
c9
cZ]ZeRRc
R×JÖJBEBçç9½ç9ç9cç99ç9çº9²9ç9çee9ç89µ9c
911011sie!Ö××{×J×µ²²c²9²ÖªµÖyµeÖMµ<ÖµkRmQRM0cR!cccÿÿÿ{msek]c]kUcUZUZMRMREJEJ [
POST /mycgi/hello.cgi?Name=charu?empID=121&os=solaris&version=5.8 HTTP/1.1
Host: buyer03.office.aol.com:2000
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.6+) Gecko/20011204
Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9, image/png, image/jpeg, image/gif;q=0.2,
text/plain;q=0.8, text/css, */*;q=0.1
Accept-Language: en-us
Accept-Encoding: gzip, deflate, compress;q=0.9
Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
Keep-Alive: 300
Connection: keep-alive
Authorization: Basic dXNlcjE6dXNlcjE=
Referer: http://buyer03.office.aol.com:2000/login.html
]
--> [
Content-type: multipart/form-data; boundary=---------------------------63341846741
Content-Length: 781
-----------------------------63341846741
Content-Disposition: form-data; name="testfilename"; filename="README.build"
Content-Type: application/octet-stream
For mozilla-the-client build instructions, please read:
http://www.mozilla.org/build/
-----------------------------63341846741
Content-Disposition: form-data; name="Name"
Nivedita
-----------------------------63341846741
Content-Disposition: form-data; name="Check_type"
1
-----------------------------63341846741
Content-Disposition: form-data; name="first"
0
-----------------------------63341846741
Content-Disposition: form-data; name="second"
1
-----------------------------63341846741
Content-Disposition: form-data; name="submit"
submit
-----------------------------63341846741--
]
<-- [
HTTP/1.1 200 OK
Server: Netscape-Enterprise/4.1
Date: Fri, 07 Dec 2001 02:39:58 GMT
Content-type: text/html
Content-length: 159
]
################################################################
Response of the server to the post request
################################################################
<-- [
CGI Data Dump
CGI Data Dump
Here is the data that is available to this CGI program:
]