Commits


fix IRI-parsing bug Some particularly crafted IRIs can cause a denial of service (DOS). IRIs which have a trailing `..' segment and resolve to a valid IRI (i.e. a .. that's not escaping the root directory) will make the server process loop forever. This is """just""" an DOS vulnerability, it doesn't expose anything sensitive or give an attacker anything else.


make sure @ is allowed, and rephrase another test


don't %-decode the query


more IRI tests ensure non-encoded and pct-encoded hostnames are parsed correctly


brand new regress suite