On 2009/08/26 05:54, Stuart Henderson wrote:
> CVSROOT:      /cvs
> Module name:  src
> Changes by:   st...@cvs.openbsd.org   2009/08/26 05:54:31
> 
> Modified files:
>       usr.bin/ftp    : fetch.c 
> 
> Log message:
> In "auto-fetch" mode without -o, the filename to save under is derived
> from the URL. In cases where the URL supplied on the command-line returned
> an HTTP redirection, ftp(1) was changing the filename to one derived from
> the redirected URL. Change this to always use a name derived from the
> command-line URL.
> 
> Avoids unexpected behaviour with URI-encoded redirection URLs as seen
> by matecocido on misc@, and avoids surprises when the redirection is
> to an unexpected filename. No change when -o is used.

to be more explicit; the redirected URL can't really be validated.
for an example of the type of surprise you might get if you try and
fetch something from a cronjob where you ignore the output:

$ mkdir /tmp/foo; cd /tmp/foo; \
ftp http://spacehopper.org/reloc-demo/blah.tar.gz; ls -la

Trying 2a01:348:108:108:a00:20ff:feda:88b6...
Requesting http://spacehopper.org/reloc-demo/blah.tar.gz
Redirected to http://spacehopper.org/reloc-demo/.profile
Trying 2a01:348:108:108:a00:20ff:feda:88b6...
Requesting http://spacehopper.org/reloc-demo/.profile
100% |**********************************************************|    24
    00:00    
Successfully retrieved file.
total 24
drwxr-xr-x   2 sthen  wheel   512 Aug 26 13:21 .
drwxrwxrwt  54 root   wheel  7168 Aug 26 13:21 ..
-rw-r--r--   1 sthen  wheel    24 Aug 26 13:21 .profile

Reply via email to