Ticket #1330 (new defect)

Opened 10 months ago

Last modified 10 months ago

400 Bad Request when using IP's numeric value ("ip2long()")

Reported by: Ben <ben_is_a@hotmail.com> Assigned to: jan
Priority: low Milestone:
Component: core Version: 1.4.16
Severity: minor Keywords:
Cc: Blocking:
Need Feedback: 0

Description

Other webservers allow you to access them via their numeric value:

octet1 << 24 OR octet2 << 16 OR octet3 << 8 OR octet4 (or with a calculator, octet1*2563 + octet2*2562 + octet3*256 + octet4)

Here's one of Google's IPs:

64.233.167.99 (64 * (2563)) + (233 * (2562)) + (167 * 256) + 99 1089054563

So if you use http://1089054563 --- you get to google.

If you try this with a server running lighttpd, you get "400 Bad Request" :)

This is an old trick to get by proxies. I doubt it works any more...but what good is it to get by a proxy if you're trying to reach a lighttpd hosted website!? :D

Great job on lighty, btw, excellent software!

Attachments

Change History

08/29/2007 11:44:51 PM changed by Ben <ben_is_a@hotmail.com>

Errr, this (#)&$ing wiki screwed up my formatting...I should've previewed first! Here are the relevant pieces:

(or with a calculator, octet1*2563 + octet2*2562 + octet3*256 + octet4)

64.233.167.99 (64 * (2563)) + (233 * (2562)) + (167 * 256) + 99 1089054563

Add/Change #1330 (400 Bad Request when using IP's numeric value ("ip2long()"))




Change Properties