bug in autoindex module
Ross
ross at thegodlikehobo.org
Wed Dec 30 21:16:42 MSK 2009
On Tue, Dec 29, 2009 at 5:20 AM, Edho P Arief <edhoprima at gmail.com> wrote:
> Don't know if found by someone else, but I find this bug today in
> autoindex module.
>
> Basically, the file/dirname is not escaped properly.
>
> To reproduce:
> - enable autoindex in a directory
> - create file with name "some<em>thing" in the directory
> - view the (broken) directory list in web
>
> --
> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
>
I wonder if this is related to a bug in which the autoindex module
occasionally truncates non-ASCII filenames.
Examples of the bug can be found at http://thegodlikehobo.org/tmp/
Each file contains its own name. The 4th (Списки), 7th (テスト), and 8th
(フロリダ) files from the top have had their name truncated, but the link
is correct.
-Ross
More information about the nginx
mailing list