Vulnerability Development mailing list archives
Re: thttpd-2.24
From: Byron Sonne <blsonne () rogers com>
Date: Mon, 10 Nov 2003 02:50:56 -0500
hmm, i wonder where the first i in index.html went to? can anyone reproduce? thoughts?
My first hypothesis would be that an assumption is made; this assumption being that the document/document path is always prefaced with a /.
If this '/' is always supposed to be present (i.e. by protocol or spec) than one could assume it is not hugely relevant (it acts as a delimeter) so somehwere some code eliminates it, and generalized it as simply 'remove the first character' instead of 'check for a slash and remove it if present'.
-- For good, return good. For evil, return justice.
Current thread:
- thttpd-2.24 methodic (Nov 09)
- Re: thttpd-2.24 Byron Sonne (Nov 10)
- Re: thttpd-2.24 Nicob (Nov 14)
- Re: thttpd-2.24 Byron Sonne (Nov 10)