[Zope] HEAD transactions?
Howard Hansen
howardahansen@yahoo.com
Sun, 17 Nov 2002 23:43:05 -0800 (PST)
Looking through my Undo list, I found several
transactions that look like:
/ir/wa/ad_neorx.htm/HEAD by Anonymous User
I fired up the browser and navigated to a page and
then appended /HEAD at the end and after a while, I
got a blank page back. I checked the history for the
file and found a new transaction. I ran a diff on the
current version and the prior one. No changes.
So what the heck is HEAD and why does it create a
transaction? Given my recent problem with runaway
transactions, doesn't this represent a potential
DOS vulnerability. You could keep pounding a server
with /HEAD (give a server head?) and eventually fill
up the hard drive.
Howard Hansen
http://zopenotes.com
__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - Let the expert host your site
http://webhosting.yahoo.com