|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: HTTP in practice
Joe Klemmer (klemmerj
webtrek.com)
Fri, 26 Sep 1997 14:11:34 -0400 (EDT)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Edward Cracknell: "Re[2]: Penetration Tests"
- Previous message: Capt Jim Bailey - SSG/SINS - DSN 596-6106: "Policy ? (was RE: Penetration Tests)"
- In reply to: Bennett Todd: "Re: Penetration Tests"
- Next in thread: Justin Mason: "Re: HTTP in practice"
On Tue, 23 Sep 1997, Marcus J. Ranum wrote:
> > Hmmm. Any examples of what you'd consider one of these "bad URLs" to look
> > like? We try to be pretty friendly URL-wise.
>
> URLs with '|', ';', '>', '..', '*' and other metacharacters
> are probably not a good idea.
[...]
Just on this specific point, the code for the WN web server
(http://hopf.math.nwu.edu/) has a nice little piece in the source tree
that parses out the URL and traps for "invalid" characters. It might not
be bad to look at it.
---
The most exciting phrase to hear in science, the one that heralds new
discoveries, is not "Eureka!" (I found it!) but "That's funny ..."
-- Isaac Asimov
- Next message: Edward Cracknell: "Re[2]: Penetration Tests"
- Previous message: Capt Jim Bailey - SSG/SINS - DSN 596-6106: "Policy ? (was RE: Penetration Tests)"
- In reply to: Bennett Todd: "Re: Penetration Tests"
- Next in thread: Justin Mason: "Re: HTTP in practice"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:08:58 CDT