fetch extension - use local filename from content-disposition
header
Dag-Erling Smørgrav
des at des.no
Fri Dec 30 01:08:18 PST 2005
Martin Cracauer <cracauer at cons.org> writes:
> The security implications are about the same as for the base
> functionality. Any filename in the current directory can be wiped
> out if you fetch or wget and a URL redirects to another URL which
> leads to a filename that matches.
No. Fetch uses the original filename as specified on the command
line. Redirects are handled behind the scenes by libfetch.
> The default behavior already *is* that the sending server has control
> over your local naming.
No.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-current
mailing list