Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 2 of 2 for attacks (0.28 sec)

  2. github.com/square/okhttp

    okhttp/src/main/kotlin/okhttp3/HttpUrl.kt 

     *
 * ```java
 * String attack = "http://example.com/static/images/../../../../../etc/passwd";
 * System.out.println(new URL(attack).getPath());
 * System.out.println(new URI(attack).getPath());
 * System.out.println(HttpUrl.parse(attack).encodedPath());
 * ```
 *
 * By canonicalizing the input paths, they are complicit in directory traversal attacks. Code that
 * checks only the path prefix may suffer!
 *
    Plain Text
    - Registered: Fri May 03 11:42:14 GMT 2024
    - Last Modified: Tue Jan 09 12:33:05 GMT 2024
    - 63.5K bytes
    - Viewed (1)
  3. github.com/square/okhttp

    docs/changelogs/changelog_3x.md 

     *  New: CBC-mode ECDSA cipher suites have been removed from OkHttp's default
    configuration: `TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA` and
    `TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA`. This tracks a [Chromium
    change][remove_cbc_ecdsa] to remove these cipher suites because they are
    fragile and rarely-used.
 *  New: Don't fall back to common name (CN) verification for hostnames. This
    Plain Text
    - Registered: Fri May 03 11:42:14 GMT 2024
    - Last Modified: Sun Feb 06 14:55:54 GMT 2022
    - 50.8K bytes
    - Viewed (0)
Back to top