You are right I did not pay that much. Well, I did not thought of "blaming" really somebody ... just for looking where the mistake is. The problem with the Hotfix is following: If one of those malformed Requests are sent, Zope just raises an Exception and tells, that there is an invalid boundary thing. (As you wrote in a previous posting on opera and zope, the newline before the boundary seems to be the reason.) So Opera is completely unusable and i just want to know who i should address for that, the opera team for the malformed request or the Zope Server. As the next posting tells, it seems to be the Opera, so i will address that to them, to watch out for their multipart form code. On Thu, Jul 26, 2001 at 09:16:48PM +0200, Dieter Maurer wrote:
Christian Theune writes:
It seems that my longrunning-unanswered problem with Opera and Zope (see earlier Posts) is the same as the cgi.py problem.
My Question: These Requests, that cause the DoS, are they malformed or valid?
I need to know because if they are malformed, i have to blame the opera team, if they are valid, i have to blame someone at ZC to fix it otherwise. Why do you want to blame someone?
Install the "cgi" fix and be happy if your problem disappears.
If not, we (mostly you) need to look further to find the cause of your problem...
Remember, you did not pay 200.000 $ to get Zope....
Dieter
-- Christian Theune - ct@gocept.com gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981 reduce(lambda x,y:x+y,map(lambda x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b')))