Direct URL Disk Access: Part 2
-
After reading this post http://forums.worsethanfailure.com/forums/thread/134113.aspx I stumbled across this nice piece of code at my job.
Dim FilePath As String = "C:\" & Request.QueryString("filename").ToString
'Write the file directly to the HTTP content output stream.
Response.WriteFile(FilePath)
Response.End()I can't wait to see the look on the guy's face who coded this when I share this with the group.
-
Hey, at least they can't access the porn collection I stashed on D:
[/joking]
-
Anyone who still doesn't sanitize input in web development (or anywhere, really) should be shown the door.
-
@bstorer said:
Anyone who still doesn't sanitize input in web development (or anywhere, really) should be shown the door.
A Box, A BOX! With nails in it. Preferable after a session of being beaten to the light of a blink tag.Did i mention the cement?
-
@Kain0_0 said:
@bstorer said:
Anyone who still doesn't sanitize input in web development (or anywhere, really) should be shown the door.
A Box, A BOX! With nails in it. Preferable after a session of being beaten to the light of a blink tag.Did i mention the cement?