Improper handling of non-existing files (#3) · Issues · Laura x Dominika x Patrycja / HTTP.sh

Improper handling of non-existing files

Assuming that directory asdf doesn't actually exist:

http://localhost:1337/asdf/ -> 404 (good!)

http://localhost:1337/asdf/a -> 403 (bad!)

This has something to do with how the URL escaping works - fortunately, it's not a security issue.

Edited Nov 28, 2020 by Dominika Liberda