[mapserver-users] mapserver cgi-bin security

[Even Rouault]

> You didn't provide enough information to give specific recommendations. 
> However, generally there are some things you can do.

There was a bit of private follow-up. It appears to be a mis-use of validation 
patterns, lacking a starting ^ and a trailing $

The examples at https://mapserver.org/mapfile/validation.html do it properly, 
but this would probably require a more prominent warning that they are 
necessary to get strict matching of the regexp.

Even

-- 
Spatialys - Geospatial professional services
http://www.spatialys.com