[ipxe-devel] Password parsing
Christian Stroehmeier
stroemi at mail.uni-paderborn.de
Tue Oct 28 17:29:31 UTC 2014
Hi everyone,
I recently discovered that a '?' in your password will cause the
password to be displayed in plain text during imgfetch. After looking
into core/uri.c what was causing this I think the same is true for '#'
and '@'. The parsing simply assumes these characters server their usual
purpose when occurring in an URI.
I tried working around that issue, but I am undecided how to do this
correctly. First thing that comes to mind is starting at the end of the
string searching backwards. Are there any drawbacks on this? If not I
would implement it and send the patch.
Cheers,
Chris
More information about the ipxe-devel
mailing list