Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

(tye)Re: %00 causes server error

by tye (Sage)
on Jul 25, 2001 at 01:02 UTC ( [id://99485]=note: print w/replies, xml ) Need Help??


in reply to Re: %00 causes server error
in thread %00 causes server error

You don't need a shell for a nul to be a security problem. See (tye)Re: CGI OO 'param' vs. hash.

As for the PerlMonks issue, I don't see a whole lot of point in having nul bytes in PM URLs be treated nicely. I doubt they can be supported in the underlying database so they have no use so why shouldn't they give you a useless page?

So long as they are detected and prevented from doing damage, I'm happy (I'm not sure that they are being detected but it certainly could be that the nul detector just dies and that triggers the 500 error, which is fine with me).

        - tye (but my friends call me "Tye")

In Section Perl Monks Discussion

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://99485]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others surveying the Monastery: (3)
As of 2024-04-26 03:29 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found