You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Rodent of Unusual Size <Ke...@Golux.Com> on 2001/03/05 22:50:55 UTC

Re: Considering general/PR7357: URLs containing invalid paths in combination with .. are served

"William A. Rowe, Jr." wrote:
> 
> Does anyone consider this response acceptable?
> 
> 127.0.0.1 - - [05/Mar/2001:09:49:11 -0600]
> "HEAD /manual/misleading-insulting-statement/../suexec.html HTTP/1.0"
> 200 0

Yes, I personally think it is acceptable.  Maybe not optimal,
but acceptable.

I am strongly opposed to too much Big Brotherism on the part
of the server.
-- 
#ken    P-)}

Ken Coar                    <http://Golux.Com/coar/>
Apache Software Foundation  <http://www.apache.org/>
"Apache Server for Dummies" <http://Apache-Server.Com/>
"Apache Server Unleashed"   <http://ApacheUnleashed.Com/>

ApacheCon 2001!
Four tracks with over 70+ sessions. Free admission to exhibits
and special events - keynote presentations by John 'maddog' Hall
and David Brin. Special thanks to our Platinum Sponsors IBM and
Covalent, Gold Sponsor Thawte, and Silver Sponsor Compaq.  Attend
the only Apache event designed and fully supported by the members of
the ASF. See more information and register at <http://ApacheCon.Com/>!