Bug 8574

Summary: POSTing with to web services with unkown Content-Type results in a traceback
Product: ThinLinc Reporter: William Sjöblom <wilsj>
Component: Web AccessAssignee: Bugzilla mail exporter <bugzilla-qa>
Status: CLOSED DUPLICATE    
Severity: Normal    
Priority: P2    
Version: trunk   
Target Milestone: 4.19.0   
Hardware: PC   
OS: Unknown   
Acceptance Criteria:

Description William Sjöblom cendio 2025-04-16 11:23:43 CEST 
This can be reproduced by running:
> curl --insecure --header "Content-Type: text/plain" --request POST https://localhost:300/
which results in the following traceback in the log:
> 2025-04-16 11:15:40 ERROR tlwebaccess[603179]: [::1] ----------------------------------------
> 2025-04-16 11:15:40 ERROR tlwebaccess[603179]: [::1] Traceback (most recent call last):
> 2025-04-16 11:15:40 ERROR tlwebaccess[603179]: [::1]   File "/opt/thinlinc/modules/thinlinc/tlwebaccess/server.py", line 144, in do_POST
> 2025-04-16 11:15:40 ERROR tlwebaccess[603179]: [::1]     Oooo0o0oO0 = parse_post_request ( self . rfile , self . headers )
> 2025-04-16 11:15:40 ERROR tlwebaccess[603179]: [::1]   File "/opt/thinlinc/modules/thinlinc/httpserver.py", line 453, in parse_post_request
> 2025-04-16 11:15:40 ERROR tlwebaccess[603179]: [::1]     raise ValueError ( 'Handling for Content-Type "%s" not implemented.' % o0oOO000Oo0 )
> 2025-04-16 11:15:40 ERROR tlwebaccess[603179]: [::1] ValueError: Handling for Content-Type "text/plain" not implemented.
> 2025-04-16 11:15:40 ERROR tlwebaccess[603179]: [::1] ----------------------------------------

With webaccess is exposed to the internet, it is not uncommon that malicious bots will try to POST data using unhandled Content-Types, which may produce a lot of these stack traces.
Comment 1 William Sjöblom cendio 2025-04-16 12:47:47 CEST 
*** This bug has been marked as a duplicate of bug 8396 ***