• Subject: Redirection is case sensitive!
  • From: rob@xxxxxxxxx
  • Date: Wed, 7 Feb 2001 15:26:12 -0500


I was reading an article by Carl Kriger entitled 'Building Secure Domino
Web Applications:  How to Avoid 8 Development Pitfalls That Leave Your
Application Wide Open' in the July/August 2000 copy of  'THE VIEW'.
www.eview.com

In this article it mentions using redirection to stop people from viewing
certain default things.  For example changing
http://bogey.golf.com
into
http://bogey.golf.com/dominocds.nsf/$defaultnav?opennavigator and getting
access to sensitive data.

The way to use redirection is to open the server doc and Click on the Web
Globe and select Create URL mapping/redirection from the drop down.  In the
Basics tab select "URL --> Redirection URL".  Ignore the Site information
blank.  In the Mapping tab set Incoming URL path: */*.nsf/$defaultNav, set
Redirection URL to something like http://www.bogey.golf.com.  Repeat for
$defaultform and $defaultview.  To view existing redirection select
Servers/Web Configurations view.  You must bounce the server for this to
take effect.  All well and good and works fine.  But...  read the
following:

'This URL Redirection document will work on all Domino server platforms
with the exception of Sun Solaris, a platform on which URL redirections are
case sensitive.  If Domino is running on Sun Solaris, you must create a URL
Redirection document for each case variation of the URL path.'

I've discovered that the 400 is case sensitive also.  So not only do I need
$defaultNav but I also need $Defaultnav, $dEfaultnav,
$deFaultnav...$DEfaultnav, starting to get the point?  I zoned out during
most of my college math so I don't know the mathematical guess, is it
something like 10 summation?  Or 55 possible formations of $defaultnav?

Does anyone have any suggestions?  Like is there some magic to change all
url entries into uppercase?

Rob Berendt

==================
Remember the Cole!

+---
| This is the Domino/400 Mailing List!
| To submit a new message, send your mail to DOMINO400@midrange.com.
| To subscribe to this list send email to DOMINO400-SUB@midrange.com.
| To unsubscribe from this list send email to DOMINO400-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: meechamw@ptd.net
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.