On Thu, October 27, 2005 10:12 am, Florian Weimer said:
> Have you considered in your analysis that malicious servers might
> return HTTP redirects which contain suitable URLs? This requires that
> the offsiteok member is set to true, though, because in the version I
> looked at, only http:// URLs ...
> Have you considered in your analysis that malicious servers might
> return HTTP redirects which contain suitable URLs? This requires that
> the offsiteok member is set to true, though, because in the version I
> looked at, only http:// URLs ...
[ more ]