On Thu, Nov 17, 2005 at 02:19:13PM -0600, Alla Winter wrote:
> BY default it is possible to retrieve files located under the 'WEB-INF'
> directory. For example: www.someserver.com/WEB-INF./web.xml or
> www.someserver.com/WEB-INF./classes/MySer
> <http://www.someserver.com/WEB-INF./classes/MySer%20vlet.class> vlet.class
WEB-INF.
^ ? There's a _dot_ there? How does that work?
ooh.. are you running on windows? I just noticed I can put as many dots
as I want on the end of any filename and windows just ignores the dots.
Chalk another one up to windows wonderful security features.
eric
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
