Project

General

Profile

bug #7563

Updated by Andreas Kohlbecker 11 months ago

requests like http://test.e-taxonomy.eu/cdmserver/phycobank_production/registrationDTO/identifier/http%+3+A%2F%2Fphycobank.org%2F100105.json

are rejected by apache with a http 404 code. This blocks from resolving http identifiers like http://phycobank.org/100105.

By default apache does not allow %2F for / and %5C for \ in URLs:

* https://stackoverflow.com/questions/9206835/2f-in-url-breaks-and-does-not-reference-to-the-php-file-required#12993237
* http://httpd.apache.org/docs/current/mod/core.html#allowencodedslashes

The AllowEncodedSlashes-Direktive for apache can be set in the server configuration and also in vhost configurations:

~~~
#
# NOTE: AllowEncodedSlashes is off per default to prevent possible security vulnerabilities.
# To allow the cdmserver resolving http identifiers via HTTP GET requests it is required to
# allow encoded slashes. See https://dev.e-taxonomy.eu/redmine/issues/7563
#
AllowEncodedSlashes On
~~~

The edit servers and documentation needs to be adapted:

1. edit-test: /etc/apache2/sites-available/default - DONE
1. edit-community: /etc/apache2/sites-available/siteconf - DONE
1. edit-jobber:
1. edit-integration:
1. edit-demo1:
1. edit-demo2:
1. add to cdmserver installation documentation https://cybertaxonomy.eu/cdmserver/installation



Back

Add picture from clipboard (Maximum size: 40 MB)