Re: Security

At 06:41 pm 1/2/96 -0200, Flavio Marcelo C B do Amaral spake:
>>	Some weeks ago I got some mails about some potential security risks
>> about the method GET /a/b/../file. I am a graduated student at UFRN in Brazil


At 12:37 am 1/3/96 EST, Eric Gauthier wrote:
>The security risk here is a bit indirect.  The problem
>lies in using the relative directory scheme.  Web Servers are


   This was discussed at length in the http-wg list last month, since 
it's really more of an HTTP issue than HTML. I would suggest that you 
take a look at the archives for the subject, "Potential HTTP Security 
Risk", begining about 27 December 1995. 

   The archives for the http-wg mailing list are available (in 
HTML/hypermail format) at:

| BearHeart / Bill Weinman | | 
| Author of The CGI Book -- 

Received on Wednesday, 3 January 1996 01:25:42 UTC