[hunchentoot-devel] handle-static-file
Hans Hübner
hans at huebner.org
Mon Dec 8 11:12:49 UTC 2008
On Mon, Dec 8, 2008 at 11:47, Frank Schorr <franks-muc at web.de> wrote:
>> > Made a (create-folder-dispatcher-and-handler "/pdf/" "c:/..../pdf/")
>> > When I direct the browser to .../pdf/doesnotexist, the server sends a 404. OK
>> > But .../pdf/* generates "illegal use of wild pathname" .
>> >
>> > Call to INVOKE-DEBUGGER
>> > Call to SIGNAL
>> > Call to PROBE-FILE
>> > Call to HUNCHENTOOT:HANDLE-STATIC-FILE
>> > Call to HUNCHENTOOT::PROCESS-REQUEST
>> > Call to HUNCHENTOOT::PROCESS-CONNECTION
>> > Call to (HARLEQUIN-COMMON-LISP:SUBFUNCTION MP::PROCESS-SG-FUNCTION MP::INITIALIZE-PROCESS-STACK)
>> >
>> > I can handle this on my side, but I think it is a risk.
>>
>> Why do you think it is a risk? What is risked?
> The risk is the bad guy sending many of these requests, the server will create a same number of threads, all hanging in the debugger, until a limit is reached.
> I believe 404 would be the correct response for requesting file "*" which is not present.
I agree that 404 would be a better response, but I don't know about
the debugger thing. In production environments, you would not enable
the debugger for handling errors in requests.
Now, the question is whether what you describe is a misbehaviour in
Hunchentoot that sends you to the debugger even though you did not
enable debugging. Did you intend to write that?
-Hans
More information about the Tbnl-devel
mailing list