Writing "/etc/hosts" breaks the Substack editor
a year ago
- #web-security
- #technical-writing
- #devops
- Author encountered a 'Network Error' in Substack editor when typing system file paths like '/etc/h*sts'.
- Investigation revealed the error was triggered by Web Application Firewall (WAF) security filters.
- WAFs block paths resembling common system files to prevent path traversal and command injection attacks.
- Examples of blocked paths include '/etc/pass*d' and '/etc/ssh/sshd_conf*g'.
- Historical posts show variations in filtering behavior over time.
- The issue highlights the tension between security measures and usability for technical content.
- Suggested improvements include contextual filtering and clearer error messages.
- Workarounds involve using alternative spellings or quoting paths.