Package: websec
Version: 1.9.0-3
Severity: normal
Hi all,
I am using websec for a few years. But it's ignore keywords
"feature" is annoying. It is so buggy, that can not help at
all, but destroy Your nervous system instead. There no way to
guess how it work and what kind of regular expression are used.
May be that is new one, invented by author and it is top secret.
I have written hundreds of complex and long regular expressions
for my life and all of them are working. But it is not case of
websec. As far as it is shown in examples, it should be perl
regular expression. Whatever expression I have written, I have
tested it with "pcregrep" utility, the perl analog of grep, --
and it is OK and string in question is found in html page saved
by websec. But websec don't understand those expressions. Here
is one only example with few variants of regex all of which used
with pcregrep and found the same string, but websec don't work
with any of those variants:
.{2} .{8} .{9} .{8} \d{1,2} .{4}
\D{2} \D{8} \D{9} \D{8} \d{1,2} \D{4}
\D{8} \D{9} \D{8} \d{1,2} \D{4}
\s\d{1,2}\s
\s\D{9}\s\D{8}\s\d{1,2}\s\D{4}\s
[^0-9]{2} [^0-9]{8} [^0-9]{9} [^0-9]{8} \d{1,2} [^0-9]{4}
[^0-9]{2} [^0-9]{8} [^0-9]{9} [^0-9]{8} [0-9]{1,2} [^0-9]{4}
дН ЯОХЯЮМХЪ ЮАНМОКЮРШ НЯРЮЕРЯЪ \d{1,2} ДМЕИ
This is some kind of typical example when instead of using
standard things like pcre, that made thing simple and reliable,
the something dim and crooked are invented. Sorry.
P.S. I have look through out mailing list, and see that I am not
only one who have "fun" with this "feature".
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)
Shell: /bin/sh linked to /bin/bash
Versions of packages websec depends on:
ii libcrypt-ssleay-perl 0.55-1 Support for https protocol in LWP
ii libwww-perl 5.808-1 WWW client/server library for Perl
ii perl 5.8.8-12 Larry Wall's Practical Extraction
websec recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
