cURL / Mailing Lists / curl-library / Single Mail

curl-library

Request failing through libcurl

From: BALASAHEB SALUNKE <bg.salunke09_at_gmail.com>
Date: Thu, 10 Sep 2015 17:44:54 +0530

Hi,

I'm using libcurl for HTTP request. I'm firing following HTTP request using
libcurl:
Note: I have set "CURLOPT_PATH_AS_IS" flat to 1 i.e. sensitization of url
is disabled.

http://mytarget.com/../../../../../../../../../../etc/passwd

But return 400 return response code. And following response:
===============================================
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<hr>
<address>Apache/2.0.52 (Red Hat) Server at 10.10.26.238 Port 80</address>
</body></html>

===============================================

However If I request same URL using chrome or firefox browner its give 200
response code and content of file "/etc/passwd" gets display. (I kept this
file accessible purposefully for some testing).

Any one came across same situation? Please provide pointer if any to
resolve this?

Thanks and Regards,
Bala

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-09-10

This message: [ Message body ]
Next message: Rich Gray: "Re: Adding different file descriptors to curls before select()"
Previous message: Aaron Meriwether: "Re: curl_easy hanging with threads"
Next in thread: Daniel Stenberg: "Re: Request failing through libcurl"
Reply: Daniel Stenberg: "Re: Request failing through libcurl"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]