PerlMonks
While I can see the merit in this approach there is a lot of redundancy with the potential for holes. It does of course offer more granularity but I'm not sure you really need this and the attendant overhead. The main issues are the null byte hack, shell metachars, multiencoding %hh so you don't actually properly check the string and the old ../.. chestnut. We are reasonably protected from buffer overflows but you can easily truncate the length if desired.

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print

In reply to Re: Re: Re: Re: Re: Re: Re: Re: Re: How Internet is a mess. (Playing with HTTPD) by tachyon
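
An added example, not part of tachyon's post or of the HTTPD code under discussion: one way to cover the issues listed above (null byte, shell metachars, repeated %hh encoding, ../.. and length) with a single decode-then-whitelist check. The function name `check_request_path`, the length cap and the sample requests are assumptions constructed for illustration.

```perl
use strict;
use warnings;

my $MAX_LEN = 1024;    # assumed cap, not a value from the thread

# Returns the decoded path if it is safe to join to a document root,
# or undef if the request should be refused.
sub check_request_path {
    my ($raw) = @_;
    return unless defined $raw && length $raw;
    return if length($raw) > $MAX_LEN;    # refuse rather than truncate

    # Decode %hh exactly once, then validate the decoded string.
    (my $path = $raw) =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/ge;

    # Whitelist: anything outside it is refused. This one test covers the
    # null byte, shell metacharacters, and a leftover '%' from double encoding.
    return unless $path =~ m{\A/[A-Za-z0-9._/-]*\z};

    # Refuse any ".." segment instead of trying to strip it.
    return if grep { $_ eq '..' } split m{/}, $path;

    return $path;
}

# Constructed sample requests.
my @samples = (
    '/index.html',
    '/docs/a-b_c.txt',
    '/cgi/page.pl%00.html',          # null byte
    '/x.html;id',                    # shell metacharacter
    '/%252e%252e/%252e%252e/etc',    # double-encoded ../..
    '/%2e%2e/%2e%2e/etc',            # encoded ../..
    '/../../etc',                    # plain ../..
    '/' . ('a' x 2000),              # oversized
);

for my $s (@samples) {
    my $ok = check_request_path($s);
    printf "%-8s %s\n", defined($ok) ? 'ALLOW' : 'REFUSE',
        length($s) > 40 ? substr($s, 0, 40) . '...' : $s;
}
```

Only the first two samples are allowed; every other request is refused outright rather than repaired.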