Non-translated spaces in GET Request
Nate w
unsafe charcters into their hex values. (namely AIM).
i am sending it to a .php file in a url query. its syntax is
http://nweibley.dnsalias.com/profile.php?profile=kennyguy67&name=%n
where kennyguy67 is my screenname and %n is filled in with the visitors
screenname.
if it has a space, aim sends the raw space to my apache server. therfore,
apache logs the request as:
"GET /profile.php?profile=kennyguy67&name=k ennyguy67 HTTP/1.0"
the User-agent is "AIM/30 (Mozilla 1.24b; Windows; I; 32-bit)" which i tried
converting to mozilla/4 but couldnt figure out how to do.
i am just wondering how i can fix this. i tried a url rewrite regexp. thanks
for any help
--nate
iam...@tampabay.rr.com (please email me with any replies)
ps: a response is fairly urgent since i hope to go public soon :-D
Rob Kennedy
news:AfgU7.146800$Ga5.23...@typhoon.tampabay.rr.com...
> hey everybody. i have a "dumb" application that does not convert a url's
> unsafe charcters into their hex values. (namely AIM).
> i am sending it to a .php file in a url query. its syntax is
> http://nweibley.dnsalias.com/profile.php?profile=kennyguy67&name=%n
> where kennyguy67 is my screenname and %n is filled in with the visitors
> screenname.
> if it has a space, aim sends the raw space to my apache server. therfore,
> apache logs the request as:
>
> "GET /profile.php?profile=kennyguy67&name=k ennyguy67 HTTP/1.0"
>
> the User-agent is "AIM/30 (Mozilla 1.24b; Windows; I; 32-bit)" which i
tried
> converting to mozilla/4 but couldnt figure out how to do.
So what? I don't understand how changing the user-agent string would do
anything to affect the HTTP request line.
As far as I'm concerned, you shouldn't hold yourself responsible for
malformed HTTP requests, unless it's some fault of yours that your server is
receiving them. (You weren't clear on that in either of your messages--who
or what is generating the URL?)
From the information reported from the phpinfo function, PHP, at least as an
Apache module, has access to the full, original HTTP request line, as shown
in the "HTTP Request Headers" table. However, I couldn't find anything in
the PHP documentation that exposes that information anywhere else--the
getallheaders function does not return the request line, according to my
experiments. If you pose that question on a PHP newsgroup, you might get the
answer you need, though.
You may run into other problems if you intend for your program to be both
backward- and forward-compatible with HTTP, though.
It doesn't seem like your script is correctly processing properly encoded
URLs anyway. It just seems to remove any spaces and any other
nonalphanumeric characters. It doesn't seem to pay much attention to the
profile argument, either.
> --nate
> iam...@tampabay.rr.com (please email me with any replies)
No.
> ps: a response is fairly urgent since i hope to go public soon :-D
Uh, yeah. Thank goodness for Opera's Ctrl+G.
--Rob
Nate w
damn good php programmer. its my clients fault (aim for windows) that doesnt
turn the space into a +. now what i am saying is it breaks my QUERY_STRING
off. leaving the data to the left in it and pushing the data to the right
off in limbo. i know there is a way to do it since sites like
www.infiniteprofiles.com have done it. its just very weird, and rewrites to
the url doesnt seem to effect anything. i tried a QSA rewrite.
"Rob Kennedy" <rken...@cs.wisc.edu> wrote in message
news:9vsgf2$14do$1...@news.doit.wisc.edu...
Rob Kennedy
> No. see you dont get what im saying at all. Its not my fault... im a
pretty
> damn good php programmer. its my clients fault (aim for windows) that
doesnt
> turn the space into a +. now what i am saying is it breaks my QUERY_STRING
> off. leaving the data to the left in it and pushing the data to the right
> off in limbo. i know there is a way to do it since sites like
> www.infiniteprofiles.com have done it. its just very weird, and rewrites
to
> the url doesnt seem to effect anything. i tried a QSA rewrite.
And what I'm saying is that the query string isn't where the answer is. A
space marks the end of the query string, so an algorithm to remove spaces is
pointless as there will never be anything to remove.
So what you have to do is either write your own module that checks the HTTP
request and perhaps adds an entry to the request notes, or figure out how to
get PHP to tell you the entire, unprocessed request line. I suggest pursuing
the latter first, and to do that, I suggest you find yourself a more
PHP-specific newsgroup where people more knowledgeable than you or I hang
out.
--Rob
Nate w
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} AIM/30
RewriteRule ((.)+) $1 [E=REQ:%{THE_REQUEST}]
</IfModule>
and this in every php file that i needed the namespace translated in:
$reqstr=ereg_replace('^([a-zA-Z0-9]+) ([a-zA-Z0-9\?\\/ \.=%\-\&]+)
([a-zA-Z0-9/\.]+)$','\\2',$HTTP_SERVER_VARS['REQ']);
$url=parse_url($reqstr);
$name=ereg_replace('^([a-zA-Z0-9=\%\+\.\&]+)*\name\=([a-zA-Z0-9\ ]+)([a-zA-Z
0-9=\%\+\.\&]+)*$','\\2',$url['query']);
if($HTTP_USER_AGENT!="AIM/30 (Mozilla 1.24b; Windows; I; 32-bit)")
$name=$HTTP_GET_VARS['name'];
$nspcname=ereg_replace(' ','',$name);
pretty gay that it takes that much to handle a space... but whatever...
--nate
"Rob Kennedy" <rken...@cs.wisc.edu> wrote in message
news:9vub2i$avo$1...@news.doit.wisc.edu...