[ic] Strange ic behavior with png image usertag created

marco m.mescoli at omnib.it
Wed Dec 13 16:52:53 UTC 2017 

Il 10/12/2017 08:44, marco ha scritto:
> Il 10/12/2017 04:03, David Christensen ha scritto:
>>
>>
>>> On Dec 9, 2017, at 4:05 PM, marco <m.mescoli at omnib.it
>>> <mailto:m.mescoli at omnib.it>> wrote:
>>>
>>> With Variable DEBUG 1 in main configuration file interchange.cfg all
>>> goes well but without ic DEBUG 1 web browser give
>>> Internal Server Error and apache error.log give this:
>>>
>>> [Sat Dec 09 20:26:35.274482 2017] [http:error] [pid 680] [client
>>> 192.168.11.2:58795] AH02429: Response header name 'libpng warning'
>>> contains invalid characters, aborting request, referer: ...
>>>
>>> ... to ic page from where i call the usetag that give the error.
>>>
>>> Searching for this issue I have find this apache page:
>>> https://blog.tigertech.net/posts/apache-cve-2016-8743/
>>> that give responsability to malformed http header.
>>>
>>> my enviro:
>>> - Debian GNU/Linux 9
>>> - Interchange V5.10.0
>>> - perl 5.24.1
>>>
>>> Any suggestions ?
>>>
>>> P.S.
>>> I try to attach the usertag and the complete url that give the error
>>> but mailer bounce back the message for suspicious header
>>
>> This information would be the most helpful; any way you can paste at an
>> external site and provide a link?
>>
>> Best,
>>
>> David
>> --
>> David Christensen
>> End Point Corporation
>> david at endpoint.com <mailto:david at endpoint.com>
>> 785-727-1171
Some other tries reveal that the problem is not DEBUG global var but 
bound to the declaration of DebugFile in the main interchange.cfg 
configuration files. With commented line:

#Variable DEBUG 1

if I declare out of the the block ifdef @DEBUG this line:

DebugFile debug.log

i can display the chart pie, without or commented this declaration I obtain:

Internal Server Error

and this log from apache2 (Apache/2.4.25 (Debian)):
[Wed Dec 13 17:31:17.115286 2017] [http:error] [pid 1054] [client 
192.168.11.2:34071] AH02429: Response header name 'libpng warning' 
contains invalid characters, aborting request, referer: 
https://newweb.omnib.it/cgi-bin/elcat/stat_ass.html?giorno=13&mese=11&anno=2017&giorno2=13&mese2=12&anno2=2017&min=&max=&cod_cli=&cli_order=des_cli&cod_resp=&da_chiamata=&go.x=18&go.y=27

-- 
"Fino alla bara sinpara"
"Up to demise we rize"

More information about the interchange-users mailing list