gotoyuzo 4fc6b25289 * lib/webrick/httpservlet/filehandler.rb: should normalize path ... name in path_info to prevent script disclosure vulnerability on DOSISH filesystems. (fix: CVE-2008-1891) Note: NTFS/FAT filesystem should not be published by the platforms other than Windows. Pathname interpretation (including short filename) is less than perfect. * lib/webrick/httpservlet/abstract.rb (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri): should escape the value of Location: header. * lib/webrick/httpservlet/cgi_runner.rb: accept interpreter command line arguments. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@16495 b2dd03c8-39d4-4d8f-98ff-823fe69b080e		2008-05-20 16:35:25 +00:00
..
httpauth
httpservlet	* lib/webrick/httpservlet/filehandler.rb: should normalize path	2008-05-20 16:35:25 +00:00
accesslog.rb
cgi.rb	* lib/webrick/cgi.rb (WEBrick::CGI#start): req.query_string should	2005-09-28 06:16:59 +00:00
compat.rb
config.rb	* lib/webrick/config.rb (Config::FileHandler): :UserDir should be nil.	2005-10-14 07:58:39 +00:00
cookie.rb	* lib/webrick/cookie.rb (WEBrick::Cookie.parse_set_cookies): new	2006-09-08 01:04:52 +00:00
htmlutils.rb
httpauth.rb
httpproxy.rb	* lib/webrick/ssl.rb (WEBrick::Config::SSL): the default value	2005-01-18 06:03:43 +00:00
httprequest.rb	* lib/webrick/httprequest.rb (WEBrick::HTTPReuqest#parse_uri): improve	2006-07-31 04:39:45 +00:00
httpresponse.rb
https.rb
httpserver.rb	* lib/webrick/httpserver.rb (WEBrick::HTTPServer::unmount): remove	2006-07-18 05:08:37 +00:00
httpservlet.rb
httpstatus.rb
httputils.rb	* lib/webrick/httputils.rb (WEBrick::HTTPUtils.parse_query): should	2005-06-25 08:16:16 +00:00
httpversion.rb
log.rb
server.rb	* lib/webrick/server.rb (WEBrick::GenericServer#accept_client):	2005-07-14 23:00:22 +00:00
ssl.rb	* lib/webrick/ssl.rb (WEBrick::Config::SSL): the default value	2005-01-18 06:03:43 +00:00
utils.rb	* lib/webrick/server.rb (WEBrick::GenericServer#accept_client):	2005-07-14 23:00:22 +00:00
version.rb