Please sign in to comment.
Don't allow unhandled POSTs to write to the filesystem by default
If there's no registered handler for a POST request, the default behaviour is to write it to the filesystem. Several million deployed devices appear to have this behaviour, making it possible to (at least) store arbitrary data on them. Add a configure option that enables this behaviour, and change the default to just drop POSTs that aren't directly handled.
- Loading branch information...
Showing with 13 additions and 0 deletions.