curl-library

Re: CURLOPT_SCOPE

From: Yang Tse <yangsita_at_gmail.com>
Date: Thu, 10 Jul 2008 02:13:58 +0200

2008/7/9, Dan Fandrich wrote:

> One thought that came to me about the URL proposal is whether
> it presents a security risk. Embedding the scope into the URL
> means that a malicious site could redirect a URL to a specific
> local network interface, bypassing the routing tables on a machine.

Maybe that's the reason for the behaviour that MS documents on the
already posted link...

"
For all sockets operations, WinINet uses the scope ID. However,
because the scope ID has only local host significance, it is not sent
as part of the HTTP protocol headers in the request. For example, the
call to InternetOpenUrl is called with the following URL in the
lpszUrl parameter.

http://[fec0::2%251]:80/path.htm

The scope ID portion of the URL is removed by WinINet when the HTTP
request is sent for this URL. The request contains the following
headers:

GET path.htm HTTP/1.1
Host: [fec0::2]
"

It would be interesting if someone could verify IE7's behaviour and
check if the scope ID is actually stripped out or not on non-local
requests.

-- 
-=[Yang]=-
Received on 2008-07-10
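
The behaviour quoted in the mail above (the scope ID is used locally but left out of the Host header), as an added example that is not part of the original mail and is neither curl nor WinINet code. The function names are hypothetical, and refusing a scope ID in a redirect target is an assumed policy for the concern raised in the quoted text, not something the thread decided.

```c
#include <stdio.h>
#include <string.h>

/* Split the first bracketed IPv6 literal in url into address and scope ID.
   Returns 1 with a scope ID, 0 without, -1 if malformed. Accepts "%25" or "%". */
int split_scope(const char *url, char *addr, size_t alen, char *scope, size_t slen)
{
    const char *open = strchr(url, '[');
    const char *close = open ? strchr(open, ']') : NULL;
    const char *pct;
    size_t n;
    if (!close) return -1;
    open++;
    pct = memchr(open, '%', (size_t)(close - open));
    n = (size_t)((pct ? pct : close) - open);
    if (n == 0 || n >= alen) return -1;
    snprintf(addr, alen, "%.*s", (int)n, open);
    scope[0] = '\0';
    if (!pct) return 0;
    pct++;
    if (close - pct > 2 && !strncmp(pct, "25", 2)) pct += 2; /* escaped '%' */
    n = (size_t)(close - pct);
    if (n == 0 || n >= slen) return -1;
    snprintf(scope, slen, "%.*s", (int)n, pct);
    return 1;
}

/* Host header value: the scope ID has only local meaning and is left out. */
int host_header(const char *url, char *out, size_t olen)
{
    char addr[64], scope[32];
    if (split_scope(url, addr, sizeof addr, scope, sizeof scope) < 0) return -1;
    return snprintf(out, olen, "[%s]", addr) < (int)olen ? 0 : -1;
}

/* Assumed policy: a redirect target must not pick a local interface. */
int redirect_allowed(const char *location)
{
    char addr[64], scope[32];
    return !strchr(location, '[') ||
           split_scope(location, addr, sizeof addr, scope, sizeof scope) == 0;
}

int main(void)
{
    char h[80];  /* the URL below is the one from the quoted documentation */
    if (host_header("http://[fec0::2%251]:80/path.htm", h, sizeof h) == 0)
        printf("Host: %s\n", h);
    return 0;
}
```

The parser treats the first bracketed literal in the string as the host, so it expects a URL whose path and query contain no earlier "[".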