On Thu, 07 Jun 2018 13:47:07 +0300, Marko Rauhamaa wrote:
> Chris Angelico <ros...@gmail.com>:
>
>> On Thu, Jun 7, 2018 at 7:29 PM, Marko Rauhamaa <ma...@pacujo.net>
>> wrote:
>>> 3. http://localhost:8000/te%00st.html
>>>
>>> => The server crashes with a ValueError and the TCP connection is
>>> reset
>>>
>>>
>> Actually, I couldn't even get Chrome to make that request, so it
>> obviously was considered by the browser to be invalid.
>
> Wow! Why on earth?
It works in Firefox, but Apache truncates the URL:
Not Found
The requested URL /te was not found on this server.
instead of te%00st.html
I wonder how many publicly facing web servers can be induced to either
crash, or serve the wrong content, this way?
--
Steven D'Aprano
"Ever since I learned about confirmation bias, I've been seeing
it everywhere." -- Jon Ronson
--
https://mail.python.org/mailman/listinfo/python-list
