Don't allow colons in web-requested path names on Windows
This fixes issue #269 (NTFS Alternate Data Stream vulnerability) and other potential pathname issues on Windows involving colons. There are other illegal filename characters on Windows (e.g. <>|"?*), but filenames with these characters aren't expected to pass the later stat() test, so should fail with a 404 error.
Showing with 13 additions and 0 deletions