Ubuntu
apache2 package

localized-error-pages.conf lacks config to preprocess /error/include page content

Bug #1443224 reported by V字龍(Vdragon)
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

Hi, I followed the instructions in localized-error-pages.conf to setup localized error pages, but found out that page content under /error/include/ are not preprocessed before sent to client.

Example:
````
<!--#if expr="-z v('CONTENT_LANGUAGE')"
--><!--#set var="CONTENT_LANGUAGE" value="en"
--><!--#endif
--><?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="<!--#echo var="CONTENT_LANGUAGE" -->" xml:lang="<!--#echo var="CONTENT_LANGUAGE" -->">
<head>
<title><!--#echo encoding="none" var="TITLE" --></title>
<link rev="made" href="mailto:<!--#echo encoding="url" var="SERVER_ADMIN" -->" />
<style type="text/css"><!--/*--><![CDATA[/*><!--*/
    body { color: #000000; background-color: #FFFFFF; }
    a:link { color: #0000CC; }
    p, address {margin-left: 3em;}
    span {font-size: smaller;}
/*]]>*/--></style>
</head>

<body>
<h1><!--#echo encoding="none" var="TITLE" --></h1>
<p>

    You don't have permission to access the requested directory.
    There is either no index document or the directory is read-protected.

</p>
<p>
<!--#include virtual="../contact.html.var" -->
</p>

<h2>Error <!--#echo encoding="none" var="REDIRECT_STATUS" --></h2>
<address>
  <a href="/"><!--#echo var="SERVER_NAME" --></a><br />
  <span><!--#echo var="SERVER_SOFTWARE" --></span>
</address>
</body>
</html>
````

It seems that the config template should include

````
<Directory "/path">
        Options IncludesNoExec
        AddOutputFilter Includes html
        Order allow,deny
        Allow from all
</Directory>

````

after
`````
Alias /error/include/ "/path"
`````

to make it process correctly

Example:
```
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Access forbidden!</title>
<link rev="made" href="mailto:<email address hidden>" />
<style type="text/css"><!--/*--><![CDATA[/*><!--*/
    body { color: #000000; background-color: #FFFFFF; }
    a:link { color: #0000CC; }
    p, address {margin-left: 3em;}
    span {font-size: smaller;}
/*]]>*/--></style>
</head>

<body>
<h1>Access forbidden!</h1>
<p>

    You don't have permission to access the requested directory.
    There is either no index document or the directory is read-protected.

</p>
<p>
If you think this is a server error, please contact
the <a href="mailto:<email address hidden>">webmaster</a>.

</p>

<h2>Error 403</h2>
<address>
  <a href="/">140.121.80.26</a><br />
  <span>海洋大學網路發展協會網站托管服務</span>
</address>
</body>
</html>
```

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: apache2 2.4.7-1ubuntu4.4
ProcVersionSignature: Ubuntu 3.13.0-39.66-generic 3.13.11.8
Uname: Linux 3.13.0-39-generic i686
NonfreeKernelModules: nvidia
Apache2ConfdDirListing: False
ApportVersion: 2.14.1-0ubuntu3.8
Architecture: i386
CurrentDesktop: KDE
Date: Mon Apr 13 10:22:55 2015
SourcePackage: apache2
UpgradeStatus: No upgrade log present (probably fresh install)
error.log:
 [Mon Apr 13 07:53:45.032576 2015] [mpm_event:notice] [pid 31758:tid 3074755200] AH00489: Apache/2.4.7 (Ubuntu) configured -- resuming normal operations
 [Mon Apr 13 07:53:45.032600 2015] [core:notice] [pid 31758:tid 3074755200] AH00094: Command line: '/usr/sbin/apache2'
modified.conffile..etc.apache2.conf.available.security.conf: [modified]
modified.conffile..etc.apache2.mods.available.userdir.conf: [modified]
mtime.conffile..etc.apache2.conf.available.security.conf: 2015-04-13T07:51:58.965640
mtime.conffile..etc.apache2.mods.available.userdir.conf: 2014-12-24T22:54:46.119177

See original description
Revision history for this message
V字龍(Vdragon) (vdragon) wrote :
Revision history for this message
V字龍(Vdragon) (vdragon) wrote :

My /etc/apache2/conf-available/localized-error-pages.conf after patching
http://paste.ubuntu.com/10813153/

description: updated
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi,
I was trying to reproduce your issue:

mkdir -p /var/www/localized-error-pages/
cp /usr/share/apache2/error/include/* /var/www/localized-error-pages/
*made a slight change to the bottom.html in there so I recognize the localized error.

Uncommenting and adapting in /etc/apache2/conf-available/localized-error-pages.conf:
Alias /error/include/ "/var/www/localized-error-pages/"
+ uncommenting the later 37 lines

I access non existing files and see in /var/log/apache2/access.log that the access works.
When accessing a non existent file it didn't cause the same error, but then it didn't show me a localized error either.
So it seems I failed to reproduce your issue because I can't figure out a missing step :-/

But
I experimented a bit and actually
So the default config in /etc/apache2/apache2.conf has:
<Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>

And this should already cover /var/www/localized-error-pages/ to be accessible by the server.
Of course not by the browser directly as the document root goes to /var/www/html but I think it should be includable.

Did you set up a custom dir other than /var/www on your system?

Christian Ehrhardt  (paelzer)
Changed in apache2 (Ubuntu):
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for apache2 (Ubuntu) because there has been no activity for 60 days.]

Changed in apache2 (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.