Am 16.02.2011 23:28, schrieb clipka:
> From the code it is pretty obvious that the original intention is to
> eliminate ".." from paths like "foo/bar/../fnord" by contracting it to
> "foo/../fnord" - no security stuff intended there.
Of course that should have been "contracting it to 'foo/fnord'".
Post a reply to this message
|