static.File shouldn't allow excessive /s.
|Reported by:||jknight||Owned by:|
|Cc:||Wilfredo Sánchez Vega, jknight||Branch:|
static.File('/'), I can successfully get the contents of /etc/resolv.conf with the url
http://localhost:8080/etc//////resolv.conf////. There's two things wrong with this:
- Empty segments. Either that should be an error or a redirect.
- a / after a file (not a directory) should surely be an error.
Change History (11)
comment:4 Changed 10 years ago by
|Priority:||highest → high|
Note: See TracTickets for help on using tickets.