OmniHTTPd test.shtml Cross-Site Scripting Issue

["Matthew Murphy" <mattmurphy () kc rr com>]

OmniHTTPd's Test.shtml sample is also vulnerable to a similar issue:

http://localhost/test.shtml?%3CSCRIPT%3Ealert(document.URL)%3C%2FSCRIPT%3E=x

Will pop up an alert containing the above URL.  Of course, this has other
uses (cookie theft, faking sources, etc.)