|
|
|
|
|
|
by Atomskun
786 days ago
|
|
|
How in the world is your rant in linked file supposed to work? * It seems you decide whether to execute a file by its extension, e.g. `.php` * You are complaining that Windows is stripping away spaces, so `.php ` becomes `.php` * And supposedly this could lead the file being served as static text if you didn't have a Windows workaround? It rather seems to me that POSIX accepting `.php ` as a filename, and this not being picked up by a `.php` check is problematic here. |
|
|
If that test fails we could serve PHP source code instead of having it be evaluated, a potential security flaw.