On Tue, 27 Aug 2013 23:12:01 +0000, Tor Exit wrote:
GET /index.php?file=../../../../../../../etc/passwd
Why not employ similar techniques on a Tor exit? We can be 100% sure about the malicious intent.
No, you can't be sure. That request could quite well be totally legitimate; you are not in a position to judge for the site owner.
(I'm just fighting against a 'transparent proxy' that thinks POST with more than 1000 bytes are evil. Please don't add more points of failure to an already fragile web.)
Andreas