[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Wget-dev] wget2 | Dealing with 301 Redirects and Recursion (#383)
|
From: |
Tim Rühsen |
|
Subject: |
Re: [Wget-dev] wget2 | Dealing with 301 Redirects and Recursion (#383) |
|
Date: |
Tue, 29 May 2018 14:10:51 +0000 |
Yes true, for the case that we don't trust the original server (default).
The "doesn't accept the new server name" was a bit misleading for me, sorry.
Given that we don't use `--trust-server-names`, why should we accept the new
path at all ?
We could do so if the new (normalized) URL 'extends' the old one by at least
one directory, so that a file a) can't escape above the expected download
directory and b) doesn't overwrite anything unexpected.
Examples
* /foo/bar -> /foo/bar/ is OK (only if -nd is not given !, --cut-dirs might
also be a shot in the foot)
* /foo/bar -> /foo/bar/../../.wgetrc (normalized: /.wgetrc) is *not* OK
There likely are more things to consider.
--
Reply to this email directly or view it on GitLab:
https://gitlab.com/gnuwget/wget2/issues/383#note_75593013
You're receiving this email because of your account on gitlab.com.
- [Wget-dev] wget2 | Dealing with 301 Redirects and Recursion (#383), Darshit Shah, 2018/05/27
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: [Wget-dev] wget2 | Dealing with 301 Redirects and Recursion (#383),
Tim Rühsen <=