Death by URL: Devastating and… incredibly simple
Handling file uploads and processing URLs should be easy, right? Well, it turns out there are many things that can go wrong, in lots of different ways, and at many levels (e.g. an application, a framework, the web browser, a proxy server). We explore how assumptions and subtle mishandling of URLs and files can lead to various high severity OWASP top 10 vulnerabilities.