Re: header_check: regexp or PCRE? false positives?

From: Matt (mathmlists.ath.cx)
Date: Mon Jan 03 2005 - 15:04:58 CST


Roger B.A. Klorese wrote:

> >
> > The expression below may be closer to what you want.
> >
> >.*\.com([[:punct:]].*)?$
> >
 
> The problem I've seen is that foo.jpg.com is presented as foo.jpg when
> "hide suffixes" is set. Since the anchored expression would pick that
> up, that's cool. On the other hand, even if foo.com.jpg is sent and is
> an executable, the suffix would cause the attachment to be extracted and
> typed as a jpeg -- it's just that the name would display as foo.com. I
> don't see the problem with that, and I've never observed any dangerous
> behavior to the contrary.

That's why the above should be slightly less error prone than the one you
are using. It won't block the example you posted, but it will block a
file.com.jpg or file.com?jpg or just file.com. It is still anchored to the
end of the line for a straight .com, but also has the option for catching
another extension after the .com.

The ([[:punct:]].*)? is optional, so the .com has to be followed by a
punctuation symbol for it to match any trailing appendage. White space
will not match.

Matt
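
As an added example (not part of the original message), the expression above can be exercised with `grep -E`, which accepts the same POSIX `[[:punct:]]` class. The sample names are constructed and are tested as bare strings rather than full header lines, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: run the expression from the message over constructed names.
# Assumption: names are matched as bare strings, case-sensitively, by grep -E.
LC_ALL=C; export LC_ALL

PATTERN='.*\.com([[:punct:]].*)?$'

# matches NAME: exit status 0 if the expression matches, 1 otherwise
matches() {
    printf '%s\n' "$1" | grep -Eq -- "$PATTERN"
}

# classify NAME: prints "block" when the expression matches, else "pass"
classify() {
    if matches "$1"; then echo block; else echo pass; fi
}

# report: one result line per constructed sample name
report() {
    while IFS= read -r name; do
        [ -n "$name" ] || continue
        printf '%-26s %s\n' "$name" "$(classify "$name")"
    done <<'EOF'
file.com
foo.jpg.com
file.com.jpg
file.com?jpg
"file.com"
file.com jpg
foo.community.txt
example.com-invoice.pdf
EOF
}

report
```

The last sample shows the false-positive side: any name containing `.com` directly followed by punctuation is blocked, including a harmless PDF whose name starts with a domain.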