Changes between Initial Version and Version 1 of Ticket #6622, comment 41


Timestamp:
05/23/2018 11:09:20 PM (16 months ago)
Author:
mjethani
  • Ticket #6622, comment 41

    initial v1  
    1212 2.  In the path component, only `/` is a special character, while characters like `:`, `;` and so on have no special meaning, and you cannot predict exactly how the site will choose to encode the query string as part of the path itself (I used `:` for `?` and `;` for `&` only as an example) 
    1313 3.  Since you can't define what a "subcomponent" of the path is (other than to define it as whatever occurs between two `/`'s), basically you have to give filter authors the flexibility to use patterns (regular expressions) 
    14  4.  If you still insist of only allowing filter authors to strip out sections of the path (given the preceding), you still have the security issue when `/jonathan/script.js` is stripped so it becomes `/jon/script.js` 
     14 4.  If you still insist on only allowing filter authors to strip out sections of the path (given the preceding), you still have the security issue when `/jonathan/script.js` is stripped so it becomes `/jon/script.js` 
    1515 
    1616In other words, there's no way to do URL rewriting in a safe way that is also effective. If you want to be effective, you have to accept the risk. It's a choice.