[Zope] HEAD transactions?

Howard Hansen howardahansen@yahoo.com
Sun, 17 Nov 2002 23:43:05 -0800 (PST)


Looking through my Undo list, I found several
transactions that look like:

/ir/wa/ad_neorx.htm/HEAD by Anonymous User

I fired up the browser and navigated to a page and
then appended /HEAD at the end and after a while, I
got a blank page back.  I checked the history for the
file and found a new transaction.  I ran a diff on the
current version and the prior one.  No changes.

So what the heck is HEAD and why does it create a
transaction? Given my recent problem with runaway
transactions, doesn't this represent a potential
DOS vulnerability.  You could keep pounding a server
with /HEAD (give a server head?) and eventually fill
up the hard drive.

Howard Hansen
http://zopenotes.com


__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - Let the expert host your site
http://webhosting.yahoo.com