You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2017-07-04 20:57:48
- foozzi
- Member
- Registered: 2017-07-04
- Posts: 4
thunar send request, it's normal?
Hi. I try save file with name like this https://imgur.com/IKERDQP
and thunar send http request with headers and after i see error save file name:
Cookie: __cfduid=***d5582128a41e0e8dadc91841499120696; session=***fQ.DDxVuA.IHI0iaqC4FLTWJiJOXBJHS-TQFY
Via: 1.1 vegur
Connection: close
Cf-Ray: 378d427a182a2***-EWR
Cf-Ipcountry: US
Cf-Visitor: {"scheme":"https"}
X-Request-Id: f94506b1-b5d3-4ff1-acdd-1fb0d42efcb5
Cf-Connecting-Ip: *
Connect-Time: 1
Accept-Language: ru-ua, ru;q=0.9
Accept-Encoding: gzip
Total-Route-Time: 0
Host: requestb.in
User-Agent: gvfs/1.32.2it is normal?
Offline
#2 2017-07-05 07:31:33
- PaperNick
- Member
- Registered: 2013-05-26
- Posts: 107
Re: thunar send request, it's normal?
That's interesting because a file containing / in its name is not valid. Linux uses / as a directory separator.
I tried saving a file with similar name containing /, and I wasn't allowed. Also, no http requests were made, when the error was shown.
Last edited by PaperNick (2017-07-05 07:40:37)
Offline
#3 2017-07-05 13:19:32
- foozzi
- Member
- Registered: 2017-07-04
- Posts: 4
Re: thunar send request, it's normal?
Try requestbin with scheme https, at first thunar send request and after view error save file name. I trying in antergos + last version xfce
Offline
#4 2017-07-05 13:20:35
- foozzi
- Member
- Registered: 2017-07-04
- Posts: 4
Re: thunar send request, it's normal?
I record small video soon if you need
Offline
#5 2017-07-05 19:22:20
- PaperNick
- Member
- Registered: 2013-05-26
- Posts: 107
Re: thunar send request, it's normal?
Try requestbin with scheme https, at first thunar send request and after view error save file name. I trying in antergos + last version xfce
That's very interesting, I've tried requestbin and it really does send an http request.
I have no idea what's going on under the hood. Maybe someone who is more familiar with the source code can enlighten us?
Edit:
I did some manual testing, and I think that before the error is shown gvfs, tries to mount the given file name over http for some reason.
After I disabled the http.mount of gvfs (which is located in /usr/share/gvfs/mounts/http.mount), no http request were made to requestbin.
I'm not sure if this answer satisfactory. I'd love to hear more myself. 
Last edited by PaperNick (2017-07-05 19:46:41)
Offline
#6 2017-07-05 20:09:40
- foozzi
- Member
- Registered: 2017-07-04
- Posts: 4
Re: thunar send request, it's normal?
foozzi wrote:Try requestbin with scheme https, at first thunar send request and after view error save file name. I trying in antergos + last version xfce
That's very interesting, I've tried requestbin and it really does send an http request.
I have no idea what's going on under the hood. Maybe someone who is more familiar with the source code can enlighten us?Edit:
I did some manual testing, and I think that before the error is shown gvfs, tries to mount the given file name over http for some reason.
After I disabled the http.mount of gvfs (which is located in /usr/share/gvfs/mounts/http.mount), no http request were made to requestbin.I'm not sure if this answer satisfactory. I'd love to hear more myself.
hm, okey.
This feature will not become a potential vulnerability or method of attack through the backdoor?
Offline
Pages: 1
- Registered users online in this topic: 0, guests: 1
- [Bot] ClaudeBot
[ Generated in 0.014 seconds, 7 queries executed - Memory usage: 534.7 KiB (Peak: 535.54 KiB) ]