|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Steven J. Sobol (sjsobol_at_JustThe.net)
Date: Mon Aug 12 2002 - 13:46:57 CDT
On Mon, 12 Aug 2002, Bill Pennington wrote:
> Yes I am aware of that. So it could be used for all URL based XSS issues,
> correct?
Ok, you ARE talking about re-writing URLs, then? Didn't sound like it.
Yeah. The syntax is weird, but it'll do lots of cool stuff.
"Despite the tons of examples and docs, mod_rewrite is voodoo. Damned
cool voodoo, but still voodoo."
http://httpd.apache.org/docs/mod/mod_rewrite.html
> On 8/12/02 10:06 AM, "Steven J. Sobol" <sjsobol
JustThe.net> wrote:
>
> > On Wed, 7 Aug 2002, Bill Pennington wrote:
> >
> >> Wow the day I am away from my machine all kinds of fun stuff breaks out. :-)
> >>
> >> Just the other day I was thinking about using some sort of Apache module
> >> (mod_rewrite??) to build rewrite rules for URLs. Simple rewriting <,>,
> >> and & to there HTML equivs. It has be forever since I played with Apache
> >> modules but I think that could be a nice way to handle any URL based XSS
> >> issues.
> >
> > mod_rewrite rewrites URLs, not content.
>
>
-- Steve Sobol, CTO JustThe.net LLC, Mentor On The Lake, OH
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]