- From: olivier Thereaux <ot@w3.org>
- Date: Wed, 29 Dec 2004 10:22:39 +0900
- To: QA Dev <public-qa-dev@w3.org>
Received on Wednesday, 29 December 2004 01:22:47 UTC
On Dec 16, 2004, at 15:47, Terje Bless wrote: >> The CSS validator currently refuses to query ports < 1024 other than >> 80, > It is actively wrong. There are no restrictions on which ports can > provide > HTTP service, and ports <1024 are «well known» not “reserved” (and, > notably, > their allocations change over time). After giving this topic a bit more thought, I think the purpose (not providing a DDOS tool for cheap) is noble, but the measure in itself makes as much sense as worrying about people bringing spoons into a forest because they might use them to cut trees. They *might*, just as people *might* find a way to use HTTP requests to hack non-HTTP services... The part to amend seems to be around org/w3c/css/util/HTTPURL.java: if (((port < 1024) && (port != 80) && (port > 0)) There is also html/parser/Parser.properties:firewallPort=80 which probably is for something else. -- olivier
Received on Wednesday, 29 December 2004 01:22:47 UTC