Consider malcrafted url's

There's a discussion on Zulip about malcrafted urls:
https://chat.fhir.org/#narrow/stream/implementers/subject/URL.20Parsing

Exploits by Orange Tsai:
https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf
http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html

List of test url's
https://www.lookout.net/test/url/

Maybe we can implement at least some unit tests for this?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Consider malcrafted url's #534

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Consider malcrafted url's #534

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions