then does it not make more sense to reversion everything after 1.12 (or from next release) "wget v2" as there are also other changes which break 10 years of consistant wget script usage
I understand the need for a lot of these changes, but combined they serverly affect wgets default behavior, and the docs do not reflect this (yet?) btw thanks for indicating what option restores previous behaviour, I would never have figured that one out 2011/12/11 Ángel González <[email protected]>: > On 09/12/11 15:39, Richard Rudling wrote: >> Ok you can ignore my previous message below. After studying the diff's on >> the src code I tracked it down to the new 'feature' --trust-server-names >> which, in my humble opinion, should be the default behaviour, while the new >> behaviour should be the option. Given that this is a change in default >> behaviour I suspect this is likely to catch and upset a lot of users! >> >> Regards >> >> Rich > > It's done on purpose to avoid security vulnerability CVE-2010-2252. > That's why you need to "trust" the server. > > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2252 > > If you know what you're doing, you can add that option to wgetrc if > you wish to. > >
