clean-dot-directories: fix: clear arg envvars on loop
Otherwise, with mischevious client requests, we run out of room for all
the cut up versions of the requested resource we store copies of. This
actually crashes in a way the client does not notice, though all the
extra string processing does have a noticable performance cost.
It is possible that the result of crashing could be a request that
exposes files outside subdirectories of supported_domains, as the
remaining dot-dots would be interpreted literally. Instead of attempting
this exploit I have simply fixed the bug.
Perhaps we *should* have been using sed(1) all along...
cat aescling's git repositories / httpd-execline.git / commit