ap | b0812c3 | 2006-04-18 05:01:27 +0000 | [diff] [blame] | 1 | |
| 2 | HTML manglizer |
| 3 | -------------- |
| 4 | |
| 5 | Copyright (C) 2004 by Michal Zalewski <lcamtuf@coredump.cx> |
| 6 | |
| 7 | A trivial utility to automatically check for HTML parsing flaws. Generates |
| 8 | a basic set of badly mangled tags on request, with auto-refresh back to the |
| 9 | script, so that you can point a browser to it once, and let it run until |
| 10 | it crashes. |
| 11 | |
| 12 | Put it in your cgi-bin directory or any other Apache folder with ExecCGI option |
| 13 | enabled, then visit the URL http://<yourserver>/<cgidir>/mangleme.cgi. |
| 14 | |
| 15 | When the browser crashes, error-log should be examined for the last matching |
| 16 | entry generated by mangle.cgi; extract the hexadecimal value, then invoke |
| 17 | remangle.cgi?hex_value from the browser again. If it crashes, you've reproduced |
| 18 | the problem, and can save the remangle.cgi page using wget or such. |
| 19 | |
| 20 | Check gallery/ for some samples. |