Hey, good news, Skipfish 1.26b is out!
Changelog from 1.19b:
– phtml added to the dictionary.
– Yet another workaround for MALLOC_CHECK_. Grr.
– A limit on the number of identically named path elements added. This
is a last-resort check against endless recursion (e.g., for ‘subdir’
-> ‘.’ symlinks).
– XSS detection now accounts for commented out text.
– A minor improvement to XHTML detection.
– HTML vs XHTML mismatches no longer trigger a warning.
– URL parser now accounts for its own . injection pattern.
Attempt to compile as it is downloaded (without the patch).
My patch to 1.19b works fine in 1.26b too.
$ patch < skipfish.patch
patching file Makefile
patching file report.c
patching file Info.plist
This was a great day for science!