Date: Wed, 15 Jun 2005 16:31:58 +0300 From: Vasil Dimov <vd@datamax.bg> To: "Loren M\. Lang" <lorenl@alzatex.com> Cc: freebsd-ports@freebsd.org Subject: Re: Download URL for blobwars. Message-ID: <20050615133158.GB50642@sinanica.bg.datamax> In-Reply-To: <20050615062637.GA28464@alzatex.com> References: <20050615052417.GA27969@alzatex.com> <20050615062637.GA28464@alzatex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Jun 14, 2005 at 11:26:37PM -0700, Loren M. Lang wrote: > On Tue, Jun 14, 2005 at 10:24:17PM -0700, Loren M. Lang wrote: ... > > PORTNAME and DISTVERSION as appropriate. This caused fetch to grab the > > file successfully, but it saved it as > > > > download.php?type=zip&file=blobwars-1.04-1.tar.gz > > > > instead of blobwars-1.04-1.tar.gz so extract then fails. Though when I ... > I think what's happening here is that libfetch doesn't understand the > Content-disposition header that the site is sending out and so is saving > the file with the wrong name. The fix would be to add support for the > content-disposition header to libfetch or use a suitable replacement > that understands the header. The only other alternative I can see it to This would be quite insecure, imagine that server requests the file to be saved as ../../../../../../etc/passwd or ~/.profile or something else unexpected. You should use -o ${KNOWNFILENAME} as Roman Neuhauser suggests. -----BEGIN PGP SIGNATURE----- iD8DBQFCsC3OFw6SP/bBpCARAq4wAJ9ZuhQ+tHaP1t3wD0s3sb8j+0MWJQCg2rlP ipmWRE6+fu593YmYUQbfOW0= =Lbqg -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050615133158.GB50642>