One doesn't have to guess path + query, one only guess the query. In some scenarios, this enhances the attacker's ability to probe. The question is, does it do so enough for us to care. -=R On Sun, Jul 20, 2014 at 2:05 PM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > In message <CAP+FsNfy-3V_BRcqa1ATts7SgX= > hqEDvtK7LjuA5iHAG3gaBEQ@mail.gmail.com> > , Roberto Peon writes: > > >It could make guessing things potentially easier. > > Please explain ? > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. >
Received on Monday, 21 July 2014 01:33:28 UTC