Re: Possible NSE SCRIPT_NAME content issue

[Toni Ruottu <toni.ruottu () iki fi>]

I have not said this before, but I'll bring it up now. I think using
SCRIPT_NAME for parameters is a bad idea. The rationale for using it
is so you do not need to change the parameter name when you change the
script name. I am not sure this is an important use case.

The reason why I don't like it, is that when you use that pattern you
stop thinking about the most practical name for the parameter. For
example it might make sense to use http.password for all http scripts,
but if you were using this pattern when writing http-info.nse, you
would end up with http-info.password without ever thinking about it.

On Sun, May 8, 2011 at 8:13 PM, Gorjan Petrovski <mogi57 () gmail com> wrote:
> Hello,
>
> I've ran across a possible issue. When I run "nmap --script <script>
> <target>" and <script> is a file in the current directory which hasn't
> been added to the script database, for ex. "nmap --script test
> <target>" and the script name is "test.nse", the SCRIPT_NAME variable
> is filled with "test.nse". Should it not strip the .nse extension, so
> as to get correct arguments passed from --script-args and collected
> with stdnse.get_script_args( SCRIPT_NAME .. <script_argument>) ?
>
> Cheers,
> Gorjan
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/