by kccqzy 2653 days ago
This is far from uncommon. Back in DEFCON 2017 Orange Tsai gave a talk about inconsistencies in different URL parsing libraries in different languages. The opening example was a single URL that had a different hostname when parsed by urllib, urllib2, and requests. He also demoed examples of using unusual characters like spaces and newlines to talk to Redis or SMTP while pretending to be HTTP.

Slides: https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20pre...

2 comments

Orange actually reported this bug to urllib. The ticket in the HN link is actually a DUP of Orange's original finding.
Man, that's a really good presentation.