[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] new relays
On Tue, 27 Aug 2013 23:12:01 +0000, Tor Exit wrote:
> GET /index.php?file=../../../../../../../etc/passwd
>
> Why not employ similar techniques on a Tor exit? We can be 100% sure about the malicious intent.
No, you can't be sure. That request could quite well be totally legitimate;
you are not in a position to judge for the site owner.
(I'm just fighting against a 'transparent proxy' that thinks
POST with more than 1000 bytes are evil. Please don't add
more points of failure to an already fragile web.)
Andreas
--
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays