Charles Musser(cmus...@sonic.net) on 2014.09.20 14:44:45 -0700: > + /* > + * XXX validate that domain name only contains valid characters > + * for two reasons: 1) correctness, 2) we do not want to pass > + * possible malicious, unescaped characters like `` to a script > + * or program that could be exploited that way. > + */ > + > + return (src - src_origin);
this alone is a reason why this diff is wrong. /Benno (and removing all of the ifndef SMALL is another)
