|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: header_check: regexp or PCRE? false positives?
From: Matt (math
mlists.ath.cx)
Date: Mon Jan 03 2005 - 15:50:19 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Roger B.A. Klorese wrote:
> Matt wrote:
>
> > Just because it cannot be seen, or hasn't been observerd *YET*, does
> > not
> >mean that the possibility isn't there :) If what you mention wasn't
> >problematic, we wouldn't have people writing mail sanitisers, would we?
> >
> People are likely to sanitize "expected" cases even if they have not
> ever occurred. Taken to an extreme, this can and does interfere with
> real mail.
To give you the answer you are after:
> ...should I replace the check with one for
> /^Content-Type:(.*)name=(.*)\.com$/
> and another for
> /^Content-Type:(.*)name=(.*)\.com\"$/
/^Content-Type:(.*)name=(.*)\.com(")?$/
It combines both expressions into one and catches .com at the end of
line.
Matt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]