by jeroenhd 69 days ago
What I don't understand about this setup is why a double slash could ever be a directory traversal attack in Spring Boot.

If you're proxying to another server that just assumes relative paths and doesn't do any kind of validation, I guess an extra / might cause reading files outside of the expected area? That'd be an extremely weird and awful setup that I don't think makes any sense in the context of Spring Boot.

Given the claims relate to path traversal I assume it’s from (some) software treating http path trailers as FS paths, where a leading / would be an absolute path.
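The mechanism this reply describes, shown as an added example that is not from the thread and not Spring Boot's own code: a server strips a URL prefix and joins the remaining "trailer" onto a filesystem base directory. A double slash in the request leaves a trailer that begins with "/", and POSIX path-join treats such a component as absolute, discarding the base. Python's posixpath is used because the point is generic to path handling, not specific to Spring; the prefix, base directory and request paths are constructed for the example and nothing touches the real filesystem.

```python
"""Naive vs. contained resolution of a URL trailer onto a base directory.
Every name and path here is constructed for illustration; no file I/O occurs."""
import posixpath

URL_PREFIX = "/static/"        # constructed: URL prefix the handler is mounted on
BASE_DIR = "/srv/app/static"   # constructed: directory the files are served from


def strip_prefix(url_path):
    """Return the part of the URL path after the mounted prefix (the 'trailer')."""
    if not url_path.startswith(URL_PREFIX):
        raise ValueError("request is not under the mounted prefix")
    return url_path[len(URL_PREFIX):]


def naive_resolve(url_path):
    """The weak pattern: join the trailer straight onto BASE_DIR.
    posixpath.join discards everything before a component that starts with '/',
    so '/static//etc/passwd' yields a trailer of '/etc/passwd' and the base is lost."""
    return posixpath.join(BASE_DIR, strip_prefix(url_path))


def safe_resolve(url_path):
    """The hardened pattern: force the trailer to be relative, normalise the
    joined path, and refuse anything that resolves outside BASE_DIR."""
    trailer = strip_prefix(url_path)
    rel = trailer.lstrip("/")                      # never let a leading '/' replace the base
    candidate = posixpath.normpath(posixpath.join(BASE_DIR, rel))
    # Containment check: equal to the base, or strictly below it ('/' appended so
    # that a sibling such as '/srv/app/static2' does not pass as a prefix match).
    if candidate != BASE_DIR and not candidate.startswith(BASE_DIR + "/"):
        raise ValueError("resolved path escapes the base directory")
    return candidate


def escapes_base(url_path):
    """True when safe_resolve rejects the request; handy for tests and logging."""
    try:
        safe_resolve(url_path)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    for req in ("/static/css/app.css", "/static//etc/passwd", "/static/../../etc/passwd"):
        print(f"{req:30} naive -> {naive_resolve(req)!s:30} rejected by safe_resolve: {escapes_base(req)}")
```

The double-slash case is the one the comment is about: naive_resolve returns "/etc/passwd" because the base was discarded, whereas safe_resolve maps the same request to a path under BASE_DIR. The "../.." case shows why the containment check is still needed after stripping the leading slash: normalisation alone is not a policy, it only makes the check reliable.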