Initial merge from r13 topic branch. With minimal cleanup.

Merge branch 'bmk/inets/httpd/xss_when_erl_encoded/r13/OTP-9655' into bmk/inets/httpd/xss_when_erl_encoded/r14/OTP-9655

Conflicts:
	lib/inets/doc/src/notes.xml
	lib/inets/src/http_lib/http_uri.erl
	lib/inets/src/http_lib/http_util.erl
	lib/inets/src/http_server/httpd_file.erl
	lib/inets/src/http_server/httpd_request.erl
	lib/inets/src/http_server/httpd_request_handler.erl
	lib/inets/src/http_server/httpd_util.erl
	lib/inets/src/inets_app/inets.appup.src
	lib/inets/test/httpc_SUITE.erl
	lib/inets/test/httpd_SUITE.erl
	lib/inets/test/httpd_basic_SUITE.erl
	lib/inets/test/httpd_test_lib.erl
	lib/inets/vsn.mk

1 files changed, 3 insertions, 3 deletions

diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl
index a04bcc2778..5ba79b2706 100644
--- a/lib/inets/src/http_server/httpd_request.erl
+++ b/lib/inets/src/http_server/httpd_request.erl
@@ -309,12 +309,12 @@ validate_uri(RequestURI) ->
 		(catch http_uri:decode(string:left(RequestURI, Ndx)))
 	end,
     case UriNoQueryNoHex of
-	{'EXIT',_Reason} ->
+	{'EXIT', _Reason} ->
 	    {error, {bad_request, {malformed_syntax, RequestURI}}};
 	_ ->
 	    Path  = format_request_uri(UriNoQueryNoHex),
-	    Path2 = [X||X<-string:tokens(Path, "/\\"),X=/="."], 
-	    validate_path( Path2,0, RequestURI)
+	    Path2 = [X||X<-string:tokens(Path, "/"),X=/="."], %% OTP-5938
+	    validate_path(Path2, 0, RequestURI)
     end.
 
 validate_path([], _, _) ->