[ic] Magic search feature - how to disable it?
Peter
peter at pajamian.dhs.org
Thu Sep 14 07:17:32 EDT 2006
On 09/13/2006 02:23 PM, Aaron Berg wrote:
> Hi,
>
> I've found a magic search feature that I can't find any documentation
> on. Any URL which has a capital letter as the first letter after the
> cgi specification is magically treated as a search.
>
> Compare:
> http://demo.icdevgroup.org/i/demo1/nothing
> which is a page not found
>
> with:
> http://demo.icdevgroup.org/i/demo1/Nothing
> which is a search failed page.
>
> It seems like a handy thing, but I have a site which is scanned by
> scanalert and this search feature is creating false positives. Is
> there a way to disable/alter this functionality?
Try this patch if you like the feature but want it to return the missing
page when a match isn't found. I've also committed it to CVS:
Index: catalog.cfg
===================================================================
RCS file: /var/cvs/interchange/dist/standard/catalog.cfg,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- catalog.cfg 24 Aug 2006 13:00:10 -0000 1.16
+++ catalog.cfg 14 Sep 2006 10:33:59 -0000 1.17
@@ -670,6 +670,10 @@
$CGI->{sp} = 'results';
$CGI->{mv_todo} = 'search';
$Tag->update('process');
- return (1, 'results');
+ if (($o = $Search->{''}) && @{$o->{mv_results}}) {
+ return (1, $Config->{Special}->{results});
+ }
+
+ return;
}
EOS
Peter
More information about the interchange-users
mailing list