[Esd-l] Sanitizer somehow left a .doc extension on a document
Brett Glass
brett at lariat.org
Wed Oct 3 19:13:02 PDT 2001
Just received a message in which the defanging done by John's
"sanitizer" seems to have malfunctioned. The "defanging"
wound up in the middle of the file name rather than at the
end, leaving an attachment with a clickable .doc extension.
The MIME headers came through like this:
Content-type: multipart/mixed;
boundary="Next_1001951157---0-203.199.83.25-6062"
X-UIDL: ba1601f780df7de19b28f46aef36318a
Content-type: application/msword; name="default.txt";
Content-Disposition: attach; filename="cgiperl_C_XMLresume.6373DEFANGED-doc"
and the attachment came through with the file name
cgiperl_C_XMLresume.6373DEFANGED-doc.doc
Why?
--Brett
More information about the esd-l
mailing list