« SSL is a Pain in the Ass | Main | Feedback Wanted on Draft Modern Perl Book »

06/21/2010

Scanning for Unsafe URLs - Update 1

So, after writing it, I had an opportunity to tweak the scripts a little.  I added a couple more URLs to reject in the irule but I've been having some fun dealing with redirection.  I modified the perl script a little to prevent it from automatically following redirects because I was getting some false positives on sites where the url issued a 301 or 302 redirect.  This doesn't seem optimal yet so I expect another update will be out soon. 

Once doing the change for redirection, however, I had to then tweak the URLs being scanned for to include the full URL.  I don't know how trustworthy the IIS URLs are yet--I'm going to try to find a box to test with later this week.

See the original post for the updated scripts.

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a01156fbc6fe6970c0133f181ac78970b

Listed below are links to weblogs that reference Scanning for Unsafe URLs - Update 1:

Comments