Comment 8 for bug 1329202

@Marco: please correct me when I am wrong.

I have looked around in some icecast manuals, but I have found no point of using a mountpoint like that

/live?stream_id=1&tracking=2

It is always used like a normal file path.

If you look to the libshout source, it is obvious that you can set a mount-point that fails the queries. You can do things similar to SQL injection.

Escaping the stream is a workaround for that, but maybe we should also warn the user, since it is unlikely that someone is able to listen to that stream. Right?