Dave Taht <[email protected]> writes: > shows vulnerable for bash, not sh, on openwrt and cerowrt. That said, > it makes me nervous. I've never really liked the redir.sh method cero > uses to bounce people to the right web interface... suggestions to do > it in javascript or something safer desired.
Doesn't the value of $SERVER_NAME come from the (static) lighttpd configuration? In that case, redir.sh can be replaced with a static HTML page. If not, it's probably doable in the lighttpd configuration if a suitable redirect/rewrite module is available. I forget the syntax, though, haven't used lighttpd in ages; I'm sure Google knows, though. -Toke
signature.asc
Description: PGP signature
_______________________________________________ Cerowrt-devel mailing list [email protected] https://lists.bufferbloat.net/listinfo/cerowrt-devel
