- Sort Score
- Result 10 results
- Languages All
Results 1 - 2 of 2 for attacks (0.28 sec)
-
okhttp/src/main/kotlin/okhttp3/HttpUrl.kt
* * ```java * String attack = "http://example.com/static/images/../../../../../etc/passwd"; * System.out.println(new URL(attack).getPath()); * System.out.println(new URI(attack).getPath()); * System.out.println(HttpUrl.parse(attack).encodedPath()); * ``` * * By canonicalizing the input paths, they are complicit in directory traversal attacks. Code that * checks only the path prefix may suffer! *
Plain Text - Registered: Fri May 03 11:42:14 GMT 2024 - Last Modified: Tue Jan 09 12:33:05 GMT 2024 - 63.5K bytes - Viewed (1) -
docs/changelogs/changelog_3x.md
* New: CBC-mode ECDSA cipher suites have been removed from OkHttp's default configuration: `TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA` and `TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA`. This tracks a [Chromium change][remove_cbc_ecdsa] to remove these cipher suites because they are fragile and rarely-used. * New: Don't fall back to common name (CN) verification for hostnames. This
Plain Text - Registered: Fri May 03 11:42:14 GMT 2024 - Last Modified: Sun Feb 06 14:55:54 GMT 2022 - 50.8K bytes - Viewed (0)