[Mailman-Users] Re: [EXT] Re: Odd error during message approval

2024-10-02 Thread Mark Sapiro 

On 10/2/24 09:19, Johnson, Bruce E - (bjohnson) wrote:


This is Mailman2 so not Django (I think) .



Yes, I didn't pay adequate attention to which list this is.



The error WAS from the web server, but while her address shows in the access 
logs, it does not in the error logs. There seems nothing unusual in the 
access_log or ssl_request_log for her IP address on the date and approximate 
time.

She’s told me it ‘occasionally happens’ but doesn’t seem connected to any thing 
other than approving a message (but that is the only time she ever interfaces 
with the Mailman web server) there are the normal access log entries for it,


I'm guessing that Mailman is not directly involved. It is possible that 
something in the form generated by Mailman's admindb module is a 
contributing factor or possibly just some entry in the form, but barring 
that, the issue seems to be just between the browser and the web server.




It’s very odd. I’ve requested that she let me know immediately the next time it 
happens so I can get more accurate timing.


Your OP mentions `rotor`. Is there a screen reader involved?

--
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan

--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Re: [EXT] Re: Odd error during message approval

2024-10-02 Thread Johnson, Bruce E - (bjohnson) 


On Oct 1, 2024, at 8:25 PM, Mark Sapiro  wrote:

External Email

On 10/1/24 11:43, Johnson, Bruce E - (bjohnson) wrote:
> One of our list moderators got the following website error after trying to 
> approve a posting to a moderated list:
>
>
> "Bad Request
>
> Your browser sent a request that this server could not understand.
>
> Size of a request header field exceeds server limit."
>
>
> Someone else was able to approve the same message after she logged in to the 
> pending requests page.
>
>
> I could not find any reference to this web server rotor in 
> /various/log/httpd/error_log or ssl_error_log
/var/

>
>
> Where does Mailman log it’s http errors and what could cause this error?


I seriously doubt that this request got to Mailman or even to Django. It
looks like the error came from the web server. Can you find the request
in other web server logs - maybe some access_log.

Mailman may have an access_log and error_log in it's var/logs/ directory
(or wherever it keeps its logs.

This is Mailman2 so not Django (I think) .

The error WAS from the web server, but while her address shows in the access 
logs, it does not in the error logs. There seems nothing unusual in the 
access_log or ssl_request_log for her IP address on the date and approximate 
time.

She’s told me it ‘occasionally happens’ but doesn’t seem connected to any thing 
other than approving a message (but that is the only time she ever interfaces 
with the Mailman web server) there are the normal access log entries for it,

Nothing in the actual https error logs than the usual stuff like "AH00126: 
Invalid URI in request GET /../../../../../../../../../../../../windows/win.ini 
HTTP/1.1” kind of script-kiddie-like stuff, mostly from our on-campus Nessus 
scanning, or CISA scanning for vulnerable hosts, and nothing around the time 
that she got this error

It’s very odd. I’ve requested that she let me know immediately the next time it 
happens so I can get more accurate timing.

--
Bruce Johnson
University of Arizona
College of Pharmacy
Information Technology Group

Institutions do not have opinions, merely customs


--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com