diff options
| author | Christopher Brannon <chris@the-brannons.com> | 2021-07-31 21:09:51 -0700 |
|---|---|---|
| committer | Christopher Brannon <chris@the-brannons.com> | 2021-07-31 21:09:51 -0700 |
| commit | 0d556243b8aba50e0bc638f0669702bf9f211641 (patch) | |
| tree | a7ff27e9a311a9f9403834239443754bc894e2cc | |
| parent | 5aa3eff924e2d9278205e66b824ceec51856d5a7 (diff) | |
| download | nawp-0d556243b8aba50e0bc638f0669702bf9f211641.tar nawp-0d556243b8aba50e0bc638f0669702bf9f211641.tar.gz nawp-0d556243b8aba50e0bc638f0669702bf9f211641.tar.bz2 nawp-0d556243b8aba50e0bc638f0669702bf9f211641.tar.lz nawp-0d556243b8aba50e0bc638f0669702bf9f211641.tar.xz nawp-0d556243b8aba50e0bc638f0669702bf9f211641.tar.zst nawp-0d556243b8aba50e0bc638f0669702bf9f211641.zip | |
Work around some legacy behavior on some web servers.0.2
https://en.wikipedia.org/wiki/Query_string#Indexed_search
Some servers -- notably Apache and thttpd -- will take a query string
that has no encoded = character and split it into command line arguments
passed to the script. That's harmful here.
| -rwxr-xr-x | nawp.scm | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -347,7 +347,7 @@ (define (main) (match (command-line-arguments) - (() (cgi-main)) + (() (when (get-environment-variable "GATEWAY_INTERFACE") (cgi-main))) ((adduser username display-name) (add-user username (read-password "Password: ") display-name)) (everything-else (help)))) |