Re: guestbook script is still vulnerable under apache

From: Theo Van Dinter (felicityat_private)
Date: Thu Jun 25 1998 - 13:19:20 PDT

Next message: Lars Eilebrecht: "Re: guestbook script is still vulnerable under apache"

Previous message: Dean Gaudet: "Re: guestbook script is still vulnerable under apache"
Maybe in reply to: Stunt Pope: "guestbook script is still vulnerable under apache"
Next in thread: Lars Eilebrecht: "Re: guestbook script is still vulnerable under apache"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

| The script attempts to strip out SSI's with the following regex:
|
| $value =~ s/<!--(.|\n)*-->//g;

I don't use the program in question so I can't pass this on to the author, but
here is a replacement for that "bad" line that will handle all (to my
knowledge) SSI's including malformed ones:

    $value=~s{
        <!                  # Comments start with <!
        ([^<>]|<[^<>]+>)*   # Remove anything in between, including
                            # the non-spec'ed included tags ...
        >                   # End of the comment.
    }{}gsx;                 # Replace with Nothing


This replaces <! ... >, including "not correct" commented-out tags.  Works great in a little web spider I wrote.

--
Randomly Generated Tagline:
Capital Punishment means never having to say "YOU AGAIN?"

Next message: Lars Eilebrecht: "Re: guestbook script is still vulnerable under apache"
Previous message: Dean Gaudet: "Re: guestbook script is still vulnerable under apache"
Maybe in reply to: Stunt Pope: "guestbook script is still vulnerable under apache"
Next in thread: Lars Eilebrecht: "Re: guestbook script is still vulnerable under apache"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:36 PDT