diff options
| author | Micael Karlberg <[email protected]> | 2011-09-23 13:59:36 +0200 |
|---|---|---|
| committer | Micael Karlberg <[email protected]> | 2011-09-23 13:59:36 +0200 |
| commit | 12f3b441fc138a6e7a5bc09b8973bd55cba8b5be (patch) | |
| tree | e11842c24a67865db211fd90030f2594ea85035a /lib/inets/src/http_server | |
| parent | 9afeecb840b9b225e28597f78e9efe632f6b41b8 (diff) | |
| parent | 368449d2316b0f0f7c0dce55a9dd47c3acadb76d (diff) | |
| download | otp-12f3b441fc138a6e7a5bc09b8973bd55cba8b5be.tar.gz otp-12f3b441fc138a6e7a5bc09b8973bd55cba8b5be.tar.bz2 otp-12f3b441fc138a6e7a5bc09b8973bd55cba8b5be.zip | |
[httpc] Parsing of a cookie expire date should be more forgiving.
That is, if the parsing fails, the date should be ignored.
Also added support for (yet another) date format:
"Tue Jan 01 08:00:01 2036 GMT".
OTP-9433
[httpc] Rewrote cookie parsing. Among other things solving
cookie processing from www.expedia.com.
OTP-9434
[httpd] Fix httpd directory traversal on Windows.
Directory traversal was possible on Windows where
backward slash is used as directory separator.
Andr�s Veres-Szentkir�lyi.
OTP-9561
Merge branch 'bmk/inets/inets571_integration' into dev
Diffstat (limited to 'lib/inets/src/http_server')
| -rw-r--r-- | lib/inets/src/http_server/httpd_request.erl | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl index 7084d9824a..90f8bdd912 100644 --- a/lib/inets/src/http_server/httpd_request.erl +++ b/lib/inets/src/http_server/httpd_request.erl @@ -312,8 +312,8 @@ validate_uri(RequestURI) -> {'EXIT',_Reason} -> {error, {bad_request, {malformed_syntax, RequestURI}}}; _ -> - Path = format_request_uri(UriNoQueryNoHex), - Path2=[X||X<-string:tokens(Path, "/"),X=/="."], %% OTP-5938 + Path = format_request_uri(UriNoQueryNoHex), + Path2 = [X||X<-string:tokens(Path, "/\\"),X=/="."], validate_path( Path2,0, RequestURI) end. |