------
It's not clear that anyone has actually been able to use 3.0* (ha ha)
but if you are, you should either grab the 3.0.2 release that I'm about
to post, or apply this patch to your lib/url.tcl file. I'm also
attaching the whole url.tcl file so you can just drop it in.
This prevents your server from happily serving up any old file on your system.
Thanks again to Petrus Vloet for pointing this out to me today.
-- Brent Welch <[EMAIL PROTECTED]>
http://www.scriptics.com
Scriptics: The Tcl Platform Company
diff -c -c -r1.26 url.tcl
*** url.tcl 2000/04/19 04:43:39 1.26
--- url.tcl 2000/05/19 05:24:39
***************
*** 66,73 ****
if {![regexp ^($Url(prefixset))(.*) $url x prefix suffix] ||
([string length $suffix] && ![string match /* $suffix])} {
# Fall back and assume it is under the root
! regexp ^(/)(.*) $url x prefix suffix
}
# END INLINE
--- 66,78 ----
if {![regexp ^($Url(prefixset))(.*) $url x prefix suffix] ||
([string length $suffix] && ![string match /* $suffix])} {
+
# Fall back and assume it is under the root
! # The /+ gobbles extra /'s that might be used to sneak
! # out to the root of the file hierarchy.
!
! regexp ^(/+)(.*) $url x prefix suffix
! set prefix /
}
# END INLINE
***************
*** 137,143 ****
![regexp ^($Url(prefixset))(.*) $url x prefix suffix] ||
([string length $suffix] && ![string match /* $suffix])} {
# Fall back and assume it is under the root
! regexp ^(/)(.*) $url x prefix suffix
}
}
--- 142,149 ----
![regexp ^($Url(prefixset))(.*) $url x prefix suffix] ||
([string length $suffix] && ![string match /* $suffix])} {
# Fall back and assume it is under the root
! regexp ^(/+)(.*) $url x prefix suffix
! set prefix /
}
}
url.tcl
