N
news.microsoft.com
If I've enabled Parent Paths (PP) in IIS, but have installed the URL Filter
and disallowed ".." and "../" within links, am I covered from the
vulnerabilities of PP's?
This allows me to use PP's in #Include statements, but doesn't allow
visitors to use PP's in their links to access directories on my server.
Is this correct?
TIA
and disallowed ".." and "../" within links, am I covered from the
vulnerabilities of PP's?
This allows me to use PP's in #Include statements, but doesn't allow
visitors to use PP's in their links to access directories on my server.
Is this correct?
TIA