Nmap Development mailing list archives

Re: found a small error in http-methods script


From: Fyodor <fyodor () insecure org>
Date: Wed, 9 Jun 2010 22:39:58 -0700

On Mon, Jun 07, 2010 at 02:56:57PM -0500, DePriest, Jason R. wrote:

I guess this isn't so much a script error as an error in the parsing
of the script into HTML for the website.  I it generated from line 12
of http-methods.nse which is just a naked URL.  I guess the tools to
turn it in to HTML turn it into an href.

Thanks Jason.  I escaped the URL by changing it from:

http://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST_(OWASP-CM-008)

to

http://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST_%28OWASP-CM-008%29

We could try to make the URL detection smarter, but it would be a
tough problem since in most cases you really do want to stop a URL
before a trailing ")".  Like if I wanted to link to the updated
http-methods page (http://nmap.org/nsedoc/scripts/http-methods.html).

Cheers,
-F
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Current thread: