Subj : src/sbbs3/websrvr.c
To   : Git commit to main/sbbs/master
From : Rob Swindell
Date : Sat Jun 05 2021 00:42:05

https://gitlab.synchro.net/main/sbbs/-/commit/a487e0c681d380e01a76deeb
Modified Files:
	src/sbbs3/websrvr.c
Log Message:
Don't allow colons in web-requested path names on WindowsThis fixes issue #269 (NTFS Alternate Data Stream vulnerability) and otherpotential pathname issues on Windows involving colons.There are other illegal filename characters on Windows (e.g. <>|"?*), butfilenames with these characters aren't expected to pass the later stat() test,so should fail with a 404 error.
--- SBBSecho 3.14-Linux
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

.