Unescaped URI portions in validator script

  The validator seems to copy portions of a given URI without
  proper escaping (e.g. with quotemeta) into a Perl script.
  For example, a plus sign within the URI is interpreted as a
  regex quantifier:

      Software error:

      Nested quantifiers in regex; marked by <-- HERE in
      m/^/check?uri=http://++ <-- HERE / at (eval 18) line 14.

      For help, please send mail to the webmaster ([no address
      given]), giving this error message and the time and date
      of the error.

http://validator.w3.org/check?uri=http://++
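The mechanism behind the error above, and the quotemeta fix the report suggests, as an added example that is not the validator's own code (the `/check?uri=` pattern and the input values are constructed for illustration):

```perl
#!/usr/bin/perl
# Added example (not the validator's own code): a URI taken from the
# query string is interpolated into a regex unescaped, then the same
# check done with quotemeta / \Q...\E.  Input values are constructed.
use strict;
use warnings;

# Vulnerable: $uri is parsed as regex syntax.  An unbalanced "(" makes
# the pattern fail to compile (as "++" did in the report above), and a
# "." silently matches any character, so the check is wrong either way.
sub matches_unescaped {
    my ($path, $uri) = @_;
    my $re = eval { qr/^\/check\?uri=$uri/ };
    return unless defined $re;    # compile error; $@ holds the message
    return $path =~ $re ? 1 : 0;
}

# Fixed: quotemeta (\Q...\E) escapes every metacharacter in $uri, so the
# pattern can only match the URI literally and can never fail to compile.
sub matches_escaped {
    my ($path, $uri) = @_;
    my $re = qr/^\/check\?uri=\Q$uri\E/;
    return $path =~ $re ? 1 : 0;
}

# Constructed inputs: a URI with a "." and one with an unbalanced "(".
for my $uri ('http://example.org/a.b', 'http://(') {
    my $path = "/check?uri=$uri";
    my $raw  = matches_unescaped($path, $uri);
    printf "%-24s unescaped: %s  escaped: %d\n", $uri,
        defined $raw ? $raw : 'compile error', matches_escaped($path, $uri);
}

# The unescaped pattern for "a.b" also matches the unrelated path
# ".../axb" because "." is a wildcard; the escaped pattern does not.
my $other = '/check?uri=http://example.org/axb';
printf "axb path: unescaped %d, escaped %d\n",
    matches_unescaped($other, 'http://example.org/a.b'),
    matches_escaped($other,   'http://example.org/a.b');
```

Note that on Perl 5.10 and later `++` is a possessive quantifier and compiles, so the unbalanced parenthesis is used here to show the compile failure on any Perl version.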

  This also might be a security issue, because it might be
  possible to execute code contained within the URI this way.
  So I searched the above page and the page
  http://validator.w3.org/feedback.html for an e-mail address to
  report such issues without disclosure first, before I reported
  to this mailing list.

Received on Sunday, 14 January 2007 21:21:56 UTC