in reply to how to improve my script
From looking at your code, it appears that it is vulnerable to directory traversal attacks. If someone requests URLs like "/../../../../../../etc/passwd", you happily deliver the system's user database.
Also I'd guess that you'll get a lot of warnings if a client terminates the connection without sending a request.
However I may be wrong; I did not run your code, I only had a look at it.
I realize that you are doing this only as an exercise, but I'd strongly recommend thinking about malicious input when writing networking software.
|
---|
Replies are listed 'Best First'. | |
---|---|
Re^2: how to improve my script
by afoken (Chancellor) on Jun 15, 2009 at 17:59 UTC |
In Section
Seekers of Perl Wisdom