Pygopherd bug (files with ".." in them)
Dankoozy
the directory contained a file with two dots in a row wouldnt load.
I found the function below in handlers/base.py was causing the problem.
before it was searching for ".." in the selector, instead i have it
searching for ../ and /.. now. below is the new function i made, just
wondering if i'm after introducing more bugs now?
def isrequestsecure(self):
"""An auxiliary to canhandlerequest. In order for this handler
to be selected for handling a given request, both the securitycheck
and the canhandlerequest should be invoked. The securitycheck is
intended to be a short, small, quick check -- usually not even
looking at the filesystem. Here is a default. Returns true
if the request is secure, false if not. By default, we eliminate
./, ../, and // This is split out from canhandlerequest becase
it could be too easy to forget about it there."""
return (self.selector.find("./") == -1) and \
(self.selector.find("../") == -1) and \
(self.selector.find("//") == -1) and \
(self.selector.find(".\\") == -1) and \
(self.selector.find("\\\\") == -1) and \
(self.selector.find("\0") == -1) and \
(self.selector.find("/..") == -1)