Op 04-10-2023 om 07:29 schreef Vivien Kraus:
Le mercredi 04 octobre 2023 à 00:30 +0200, Maxime Devos a écrit :
The best prevention is not allowing redirects at all or only
allowing redirections that keep the hostname intact -- while
an
option for much software, it isn't
Le mercredi 04 octobre 2023 à 00:30 +0200, Maxime Devos a écrit :
>
> > The best prevention is not allowing redirects at all or only
> > allowing redirections that keep the hostname intact -- while
> > an
> > option for much software, it isn't an option for web
> > browsers.
>
>
The best prevention is not allowing redirects at all or only
allowing redirections that keep the hostname intact -- while an
option for much software, it isn't an option for web browsers.
Partially scratch that -- restricting to ‘keeping hostname intact’ is
insufficient, becaus
Op 03-10-2023 om 22:03 schreef Vivien Kraus:
Hello!
Le lundi 25 septembre 2023 à 22:46 +0200, Maxime Devos a écrit :
However, there are also some dangers on doing this
thing -- the ‘external’ pagehttps://example.com/data.json could
redirect to
http://localhost/unsecured-secret-but-its-localho
Hello!
Le lundi 25 septembre 2023 à 22:46 +0200, Maxime Devos a écrit :
> However, there are also some dangers on doing this
> thing -- the ‘external’ page https://example.com/data.json could
> redirect to
> http://localhost/unsecured-secret-but-its-localhost-only-so-it-is-safe
> .
Since you w
Op 25-09-2023 om 18:48 schreef Vivien Kraus:
* module/web/uri.scm (remove-dot-segments): Implement algorithm 5.2.4.
(merge-paths): Implement algorithm 5.2.3.
(resolve-relative-reference): Implement algorithm 5.2.2.
(module): Export resolve-relative-reference.
* NEWS: Reference it here.
---
Dear
* module/web/uri.scm (remove-dot-segments): Implement algorithm 5.2.4.
(merge-paths): Implement algorithm 5.2.3.
(resolve-relative-reference): Implement algorithm 5.2.2.
(module): Export resolve-relative-reference.
* NEWS: Reference it here.
---
Dear Guile developers,
When you request https://exam