The backslash there was deliberate, as an implicit reminder to the reader that those can also cause security faults if not treated specially. Admittedly, the backslash should have been doubled to make it through nroff, but eliminating it altogether makes the point of the \autoexec.bat example moot.

---
** [bugs:#1234] libcurl_tutorial.3 contains incorrect backslash**
**Status:** closed-fixed
**Created:** Tue May 28, 2013 11:28 AM UTC by Eric S. Raymond
**Last Updated:** Tue May 28, 2013 11:39 AM UTC
**Owner:** Daniel Stenberg
--- libcurl-tutorial.3-unpatched	2013-05-28 07:24:46.577949934 -0400
+++ libcurl-tutorial.3	2013-05-28 07:25:06.161949568 -0400
@@ -1246,7 +1246,7 @@
 could also use CURLINFO_EFFECTIVE_URL to generate a file name from a
 server-supplied redirect URL. Special care must be taken to sanitize such
 names to avoid the possibility of a malicious server supplying one like
-"/etc/passwd", "\autoexec.bat" or even ".bashrc".
+"/etc/passwd", "autoexec.bat" or even ".bashrc".
 
 .IP "Server Certificates"
 A secure application should never use the CURLOPT_SSL_VERIFYPEER option to
---
Sent from sourceforge.net because you indicated interest in <https://sourceforge.net/p/curl/bugs/1234/>
To unsubscribe from further messages, please visit <https://sourceforge.net/auth/subscriptions/>