Brion Vibber wrote:
> Can you please check the exact URLs it's using, and compare against your
> $wgServer and $wgScript settings?
>
> 1.3.6 has some extra checks for an Internet Explorer security hole where
> a URL ending in ".txt", ".html" or some other "extension" it recognizes
> is sometimes interpreted as HTML (with arbitrary JavaScript execution)
> instead of according to the set Content-Type header. If a raw page
> request isn't coming from the canonical URL it's thus redirected to the
> canonical URL.
>
> That redirect might perhaps be failing if you have a funky setting. You
> might also try checking the actual headers being sent (use Mozilla and
> install the 'Live HTTP Headers' extension for an easy way to check.)
>
> -- brion vibber (brion @ pobox.com)
I'm using rewrite rules so maybe that's messing it up? Anyway the
sequence goes like this for accessing the page "USP":
[15/Oct/2004:10:27:50 +0100] "GET /USP HTTP/1.1" 200 5638
"
http://gamecontractor.org/Main_Page" [15/Oct/2004:10:27:50 +0100] "GET
/wiki?title=-&action=raw&gen=js&smaxage=0 HTTP/1.1" 302 42
"
http://gamecontractor.org/USP" then 20 of these:
[15/Oct/2004:10:27:51 +0100] "GET
/wiki?title=-&action=raw&ctype=text%2Fjavascript&smaxage=18000&maxage=18000&gen=js&oldid=0
HTTP/1.1" 302 42 "
http://gamecontractor.org/USP" then:
[15/Oct/2004:10:27:54 +0100] "GET
/wiki?title=-&action=raw&smaxage=0&gen=css HTTP/1.1" 302 42
"
http://gamecontractor.org/USP" then 20 each of these:
[15/Oct/2004:10:27:54 +0100] "GET
/wiki?title=User:Paul_Sinnett/monobook.css&action=raw&ctype=text/css
HTTP/1.1" 302 42 "
http://gamecontractor.org/USP" [15/Oct/2004:10:27:55 +0100] "GET
/wiki?title=-&action=raw&ctype=text%2Fcss&smaxage=18000&maxage=18000&gen=css&oldid=0
HTTP/1.1" 302 42 "
http://gamecontractor.org/USP" then:
[15/Oct/2004:10:28:01 +0100] "GET
/wiki?title=User:Paul_Sinnett/monobook.js&action=raw&ctype=text/javascript&dontcountme=s
HTTP/1.1" 302 42 "
http://gamecontractor.org/USP" then 20 of these:
[15/Oct/2004:10:28:01 +0100] "GET
/wiki?title=User:Paul_Sinnett/monobook.js&action=raw&ctype=text%2Fjavascript&smaxage=18000&maxage=18000&gen=&oldid=0
HTTP/1.1" 302 42 "
http://gamecontractor.org/USP"