[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

[MacPerl-WebCGI] Security hole?

To: MACPERL-WEBCGI@macperl.org
Subject: [MacPerl-WebCGI] Security hole?
From: "Prodoehl, Pete" <PPRODOEHL@QGRAPH.COM>
Date: Wed, 28 Jun 2000 08:17:06 -0500 (CDT)


I'm running Mac OS 8.6, Personal Web Sharing 1.5 and MacPerl 5.2.0r4

If I run a MacPerl cgi by requesting this in my browser:

   http://mymac/my.cgi

It works as it should.

If I request this: (note trailing slash)

   http://mymac/my.cgi/

It seems to translate the request to be:

   /PNFIconGraphics/BinHexCacheFolder/-1-2126/my.cgi.hqx

Which actually *downloads* the cgi.

I've tested this in Netscape 4.7 and MSIE 5.0 on the Mac.

Seems like a PWS bug to me... wondering if there's a fix.

thoughts?


Pete



==== Want to unsubscribe from this list?
==== Send mail with body "unsubscribe" to macperl-webcgi-request@macperl.org

Follow-Ups:
- Re: [MacPerl-WebCGI] Security hole?
  - From: Bruce Van Allen <bva@cruzio.com>

Prev by Date: [MacPerl-WebCGI] Re: macperl-webcgi-digest V1 #145
Next by Date: Re: [MacPerl-WebCGI] Security hole?
Prev by thread: Re: [MacPerl-WebCGI] Net::SMTP
Next by thread: Re: [MacPerl-WebCGI] Security hole?
Navigation: Date Index | Thread Index | Search | Other lists at bumppo.net