domlogs do not escape quotes in the request

Discussion in 'Bug Reports' started by kitchin, Apr 19, 2014.

  1. kitchin

    kitchin New Member

    Is this a bug? Litespeed Web Server Enterprise v4.2.9 on CENTOS 5.10

    We had this entry in a domlogs file (munged some). Notice the raw quotes in the Request:
    [99.99.99.99 - - [11/Apr/2014:10:33:25 -0600] "GET /foo-bar/+"Notify+me+of+new+posts+by+email"+AFL&ct=clnk HTTP/1.1" 404 7132 "http://example.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.22 (KHTML, like Gecko) Ubuntu Chromium/25.0.1364.160 Chrome/25.0.1364.160 Safari/537.22"

    Since Apache 2.0.46, released October 2010, http://httpd.apache.org/docs/current/mod/mod_log_config.html
    For security reasons, starting with version 2.0.46, non-printable and other special characters in %r, %i and %o are escaped using \xhh sequences, where hh stands for the hexadecimal representation of the raw byte. Exceptions from this rule are " and \, which are escaped by prepending a backslash, and all whitespace characters, which are written in their C-style notation (\n, \t, etc). In versions prior to 2.0.46, no escaping was performed on these strings so you had to be quite careful when dealing with raw log files.​
  2. mistwang

    mistwang LiteSpeed Staff

    It is fixed int the latest 4.2.9 build, just run command

    /usr/local/lsws/admin/misc/lsup.sh -f -v 4.2.9

Share This Page