302 redirect bypasses security and allows validation of pages on localhost

Rick -Gilligan- Uschold's post raises an issue. Presumably to avoid
exposing internal servers to the public, the validator rejects
attempts to validate http://localhost/. By issuing a 302 redirect from
a remote site, users can bypass this.

-- 
David Dorward                                      http://dorward.me.uk

Received on Monday, 21 February 2005 20:58:22 UTC