U4-5614 - Umbraco module throws exception when RequestFilteringModule has intercepted request

Created by Morten Bock 08 Oct 2014, 17:40:49 Updated by Sebastiaan Janssen 01 Mar 2018, 19:50:29

Tags: PR

Steps:

  • Install a fresh Umbraco 6.2.3 with a starter kit
  • Use directory URLs
  • Do not append trailing slash

Now a page url would look like this: /installing-modules

The problem occurs when a spam bot starts creating weird URLs.

First URL: /installing-modules+foobar

When that URL is requested, the RequestFilteringModule will return a 404.11 because it contains a double escape sequence.

Next URL: /installing-modules+foobar+"yipee"

Now Umbraco is throwing an exception because of the " chars:

[ArgumentException: Illegal characters in path.]
   System.IO.Path.CheckInvalidPathChars(String path, Boolean checkAdditional) +10915254
   System.IO.Path.GetExtension(String path) +21
   Umbraco.Core.UriExtensions.IsClientSideRequest(Uri url) +19
   Umbraco.Web.UmbracoModule.DisposeHttpContextItems(HttpContext http) +52
   Umbraco.Web.UmbracoModule.b__9(Object sender, EventArgs args) +228
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +136
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69

For some reason the "EndRequest" is fired for the UmbracoModule, even when the request has been intercepted by the RequestFilteringModule. When Umbraco tries to check the path of the request, it throws an exception because of the invalid characters.

I believe the correct way to handle it would be to allow the 404.11 status to flow through. I don't know if there is a way to detect if the RequestFilteringModule has touched the response, so that Umbraco knows to stay away, or if there should be a try/catch somewhere?
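
The try/catch option raised in the report, as an added example (not Umbraco's code and not the change in the linked PR): a guarded extension check that returns false instead of throwing when the request path holds characters System.IO.Path rejects. The name IsClientSideRequestSafe, the server-side extension list and the example.test host are assumptions; the throwing behaviour is that of .NET Framework, as in the stack trace above.

```csharp
using System;
using System.IO;
using System.Linq;

public static class SafeUriExtensions
{
    // Server-side extensions chosen for this example (assumption, not from the page).
    private static readonly string[] ServerSide = { ".aspx", ".ashx", ".asmx", ".axd", ".svc" };

    // Hypothetical guarded variant: never throws on a hostile request path,
    // so an EndRequest handler calling it cannot turn a filtered request into an error page.
    public static bool IsClientSideRequestSafe(this Uri url)
    {
        string path = url.LocalPath;

        // Paths with characters Path.* refuses cannot name a static file: bail out early.
        if (path.IndexOfAny(Path.GetInvalidPathChars()) >= 0)
            return false;

        string ext;
        try { ext = Path.GetExtension(path); }
        catch (ArgumentException) { return false; } // anything the pre-check missed

        if (string.IsNullOrWhiteSpace(ext)) return false;
        return !ServerSide.Contains(ext, StringComparer.OrdinalIgnoreCase);
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample URLs; the paths are the ones quoted in the report.
        string[] samples =
        {
            "http://example.test/installing-modules",
            "http://example.test/installing-modules+foobar+\"yipee\"",
            "http://example.test/css/site.css",
        };
        foreach (var s in samples)
            Console.WriteLine("{0} -> {1}", s, new Uri(s).IsClientSideRequestSafe());
    }
}
```

Returning false for an unparseable path leaves the status already set by request filtering untouched, which is the outcome the report asks for.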

Comments

Shannon Deminick 26 Jun 2017, 05:41:32

Closing issue due to inactivity - see blog post for details https://umbraco.com/blog/issue-tracker-cleanup/


Morten Bock 26 Jun 2017, 06:59:22

Just verified that this is still an issue in 7.6.3, and I still think it is worth fixing :)


Sebastiaan Janssen 01 Mar 2018, 19:50:24

PR: https://github.com/umbraco/Umbraco-CMS/pull/2491


Priority: Normal

Type: Bug

State: Fixed

Assignee:

Difficulty: Normal

Category: Security

Backwards Compatible: True

Fix Submitted:

Affected versions: 6.2.1, 6.2.3, 7.6.3

Due in version: 7.9.3

Sprint:

Story Points:

Cycle: