Ángel González wrote:
Maybe not. Consider a url like:
http://www.example.net/download.php?file=releases/wget.exe
In that case using as filename wget.exe makes more sense than
download.php@file=releases%2Fwget.exe
Whereas there are other cases where the basename is preferible.
Probably all
Peng Yu pengyu...@gmail.com writes:
I was looking at the patched version. (See the patch posted in bug
#31147) So I think that the bug in the patch (see the relevant code
below, where full_file has the query string). I guess for full_file a
different 'acceptable' function should be used.
Hi,
The following line is in utils.c.
# in acceptable (const char *s)
while (l s[l] != '/')
--l;
if (s[l] == '/')
s += (l + 1);
It essentially gets a substring after the last '/'. However, when a
query has '/', this is problematic. For example, the above code snip
will extract
Hello Peng,
AFAICS, `s' is a path, so '/' in the query string is escaped and
`acceptable' doesn't see it.
As for your example:
http://xxx.org/somescript?arg1=/xxy
`s' in this case will be something like:
xxx.org/somescript?arg1=%2Fxxy
Do you have any example where it doesn't work?
Cheers,
On Sun, Aug 7, 2011 at 6:14 AM, Giuseppe Scrivano gscriv...@gnu.org wrote:
Hello Peng,
AFAICS, `s' is a path, so '/' in the query string is escaped and
`acceptable' doesn't see it.
As for your example:
http://xxx.org/somescript?arg1=/xxy
`s' in this case will be something like: