Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Problem opening a link in v15.0.14 and v15.0.15
#1
Starting with version .14, the following link breaks something in the IW application if is compiled with http.sys:


Code:
http://server/?level=sslfaxv3&id=f1mFiOlnZy00Tu8%2FpUHJ%2FpTuZFJF2rbBrOG6K8WrMWEYNhFYpwCEJE2u2r46E%2FSujZc%2Bd%2FdEqf%2BYV%2F3qhw%3D%3D

Up to version .13 it works fine, but starting with version .14, the application doesn't ever get inside TIWServerController.IWServerControllerBaseGetMainForm when clicking that link. It seems that the problem is with the value of the "id" query field. If I change the value to id=aaaaaaa, or any simple string, it works fine. As I said, this above link works fine in version .13.

The value of the "id" is created by using TNetEncoding.URL.Encode(...) on a long string.
Reply
#2
I've logged this to be investigated.
Reply
#3
Hi Ioan,

we are testing this and I'll have an update soon.
Reply
#4
(11-13-2018, 04:27 PM)Alexandre Machado Wrote: Hi Ioan,

we are testing this and I'll have an update soon.

Sounds good, thank you Alexandre!
Reply
#5
(11-13-2018, 04:27 PM)Alexandre Machado Wrote: Hi Ioan,

we are testing this and I'll have an update soon.

Hi Alexandre,

I found another query string that, if used, the application never gets to IWServerControllerBaseNewSession:

http://localhost/.well-known/acme-challenge/aa

If I try to open that link, the application returns a "404 not found" error page.
Reply
#6
Hi Ioan,

.well-known/acme-challenge is used by IW to respond to Let's Encrypt certificate challenges, if ServerController.SSLOptions.EnableACME is True.

I guess yours is enabled?

If it is enabled, then 404 is correct, as long as you don't have a file named aa inside folder named "acme-challenge" under your application folder (not wwwroot, but the actual IW application folder).

If you want to respond to Let's Encrypt challenges, all you need to do is to create this folder, set EnableACME to True and put the challenge file there. It will be served just fine.
Reply
#7
(02-18-2019, 06:39 PM)Alexandre Machado Wrote: Hi Ioan,

.well-known/acme-challenge is used by IW to respond to Let's Encrypt certificate challenges, if ServerController.SSLOptions.EnableACME is True.

I guess yours is enabled?

If it is enabled, then 404 is correct, as long as you don't have a file named aa inside folder named "acme-challenge" under your application folder (not wwwroot, but the actual IW application folder).

If you want to respond to Let's Encrypt challenges, all you need to do is to create this folder, set EnableACME to True and put the challenge file there. It will be served just fine.

I didn't know that the option existed :-) Thanks Alexandre!
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)