
Unescaped URI portions in validator script

From: Stefan Ram <ram@zedat.fu-berlin.de>
Date: Sun, 14 Jan 2007 22:21:44 +0100
To: www-validator@w3.org
Message-ID: <20070114212144.GA30614712@CIS.FU-Berlin.DE>

  The validator seems to copy portions of a given URI without
  proper escaping (like quotemeta or so) into a Perl script.
  For example, a plus sign within the URI is being recognized as
  a regex quantifier:

      Software error:

      Nested quantifiers in regex; marked by <-- HERE in
      m/^/check?uri=http://++ <-- HERE / at (eval 18) line 14.

      For help, please send mail to the webmaster ([no address
      given]), giving this error message and the time and date
      of the error. 


  This also might be a security issue, because it might be
  possible to execute code contained within the URI this way.
  So I searched the above page and the page
  http://validator.w3.org/feedback.html for an e-mail address to
  report such issues without disclosure first, before I reported
  to this mailing list.
Received on Sunday, 14 January 2007 21:21:56 UTC
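
The failure mode reported above, as an added example that is not part of the original message and is not the validator's code: a string taken from a request is interpolated into a Perl pattern, first as regex syntax and then as a literal via `\Q...\E` (quotemeta) or `index`/`substr`. The helper names and the sample inputs are hypothetical and constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper (not the validator's code): remove a prefix derived
# from request data from the front of a string.
# Unsafe form: $prefix is compiled as regex syntax.
sub strip_unsafe {
    my ($str, $prefix) = @_;
    (my $rest = $str) =~ s/^$prefix//;
    return $rest;
}

# Hardened form: \Q...\E applies quotemeta, so every character is literal.
sub strip_quoted {
    my ($str, $prefix) = @_;
    (my $rest = $str) =~ s/^\Q$prefix\E//;
    return $rest;
}

# Hardened form without a regex at all.
sub strip_literal {
    my ($str, $prefix) = @_;
    return index($str, $prefix) == 0 ? substr($str, length $prefix) : $str;
}

# Constructed sample inputs: [prefix taken from the request, string to strip].
my @cases = (
    [ '/check?uri=http://++',  '/check?uri=http://++/page' ],   # quantifiers
    [ '/check?uri=http://a.b', '/check?uri=http://a.b/page' ],  # '?' and '.'
    [ '/check?uri=http://(',   '/check?uri=http://(/page' ],    # unbalanced group
);

for my $case (@cases) {
    my ($prefix, $str) = @$case;
    print "prefix: $prefix\n";
    for my $impl ([ unsafe => \&strip_unsafe ], [ quoted => \&strip_quoted ],
                  [ literal => \&strip_literal ]) {
        my ($name, $fn) = @$impl;
        my $out = eval { $fn->($str, $prefix) };   # a bad pattern dies at run time
        if (defined $out) {
            print "  $name: '$out'\n";
        } else {
            (my $err = $@) =~ s/\s+\z//;
            print "  $name: died: $err\n";
        }
    }
}
```

Perl 5.10 and later parse `++` as a possessive quantifier, so on those versions the first case fails to strip the prefix silently instead of dying; the quoted and literal forms behave the same on every input.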
