From 92ca1dd525de60d735f7ec6c9aacd4443a0a8f15 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Wed, 2 Dec 2015 07:48:41 -0500
Subject: libtrace enhancements
---
 todo | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
(limited to 'todo')
diff --git a/todo b/todo
index fe82248b8..9765781f9 100644
--- a/todo
+++ b/todo
@@ -144,3 +144,24 @@ dr-x------ 2 65534 65534 40 Nov 24 17:53 .mozilla
 19. Try --overlay on a Ubuntu 14.04 32bit.Without adding --dns, there will be no network connectivity - see issue 151
 
 20. blacklist ~/.cache in disable-common.inc???
+
+21. restrict chars in filenames
+
+try to open url-encoded filenames
+
+const char badChars[] = "-\n\r ,;'\\<\"";
+(https://www.securecoding.cert.org/confluence/display/c/MSC09-C.+Character+encoding%3A+Use+subset+of+ASCII+for+safety)
+
+strip = array("~", "`", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "_", "=", "+", "[", "{", "]",
+ "}", "\\", "|", ";", ":", "\"", "'", "‘", "’", "“", "”", "–", "—",
+ "—", "–", ",", "<", ".", ">", "/", "?");
+(https://github.com/vito/chyrp/blob/35c646dda657300b345a233ab10eaca7ccd4ec10/includes/helpers.php#L516)
+
+$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}");
+(wordpress)
+
+rework the calls to invalid_filename(), depending if globing is allowed or not, include * in the list for non-globing files
+
+The POSIX standard defines what a “portable filename” is. This turns out to be just A-Z, a-z, 0-9, , , and
+http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_276
+
-- 
cgit v1.2.3-54-g00ecf