29 Feb
2008
29 Feb
'08
7:31 p.m.
Jorge wrote:
- This patch always uses the same boundary, but a different one REALLY should be used for every form submission. At the least, the string should be scrambled up somehow.
Yes, please finish that part.
Probably checking the boundary string against URL_DATA, with strstr is a good idea too.
Attached. I'm not proud of this code, but special cases were getting in the way of attempts at cleanup.