Feeling Lucky
?
[#33152] - [4] Logs are prefixed and therefore not blank page when loaded
- Closed
- 15 Apr 2021
- Medium
- Build: staging
- # 33152
Steps to reproduce the issue
When Joomla logs to a file (say in Joomla 4, global config, logging = on) it does so with the following format
#
#<?php die('Forbidden.'); ?>
#Date: 2021-04-15 19:34:10 UTC
#Software: Joomla! 4.0.0-beta8-dev Development [ MaƱana ] 2-February-2021 20:02 GMT
#Fields: datetime priority clientip category message
2021-04-15T19:34:10+00:00 INFO 172.20.0.1 joomlafailure Username and password do not match or you do not have an account yet.
2021-04-15T20:39:04+00:00 INFO 172.20.0.1 joomlafailure Username and password do not match or you do not have an account yet.
2021-04-15T20:39:09+00:00 INFO 172.20.0.1 joomlafailure Username and password do not match or you do not have an account yet.
Expected result
403 Forbidden header
(or 404 Not Found for security through obscurity haha)
that nothing is output before the opening <?php
Actual result
200 OK Http header
#
#Forbidden.
joomla-cms-bot
- | Labels |
Added:
?
|
||
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2021-04-15 21:34:32 |
| Closed_By | ⇒ | PhilETaylor |
PhilETaylor
- comment
- 15 Apr 2021
Does anything really matter anymore?
Does it matter? Asking for a friend