[erlang-questions] inets mod_get mishandles inaccessible files

Paul Fisher pfisher@REDACTED
Fri May 9 05:25:33 CEST 2008


When the inets httpd mod_get processes a request for a non-existent file
the connection is closed without a response.  I would expect it to
return a 404 instead.  Here is what comes out in the error_log:

[08/May/2008:21:47:08 -0500], traverse exit from apply: mod_get:do => 
{{badmatch,{error,enoent}},
 [{mod_get,get_modification_date,1},
  {mod_get,do_get,1},
  {httpd_response,traverse_modules,2},
  {httpd_response,generate_and_send_response,1},
  {httpd_request_handler,handle_response,1},
  {gen_server,handle_msg,5},
  {proc_lib,init_p,5}]}

Apparently mod_get:do_get/1 (and associated functions) is not prepared
to get {error, enoent} back from mod_alias:path/3, and there seems to be
no provision for generating a 404 response in do_get.  It also looks
like files/directories with invalid permissions within the document_root
would also generate the same issue.

In the end it appears that a non-trivial patch would be required to
handle all of the cases and return appropriate responses in all cases.
Would such a patch be acceptable for integration into a future OTP
release?

This is with R12B-2.


-- 
paul




More information about the erlang-questions mailing list