actix/actix-website

Dangerous tip in Static Files

numero-744 opened this issue · 0 comments

In Static Files, the tip "To match a path tail, we can use a [.*] regex." is a security issue, as it is possible to inject ../ in the URI to get any file the user running the server can access on the system. This injection does not seem possible with Firefox, which seems to merge a/b/../d into a/d, but it is possible, for instance, using w3m.

I think that at least a warning about this should be added.
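A defensive check for the route-tail pattern discussed above, added here as an example that is not part of the actix-website docs or of this issue: it resolves a captured tail against the static root and refuses any segment that could climb out of it. It assumes the tail reaches it already percent-decoded and that `root` is the directory that is meant to be served; `safe_join` is a hypothetical helper name.

```rust
use std::path::{Component, Path, PathBuf};

/// Resolve a user-supplied path tail (captured by a `{tail:.*}` route
/// parameter) against the static root. Returns None for tails containing
/// `..`, a leading `/`, or a drive prefix, so the handler can answer 404
/// instead of serving a file outside the root. The server does NOT collapse
/// `a/b/../d` the way some browsers do client-side, so the check is needed
/// here regardless of what the UA sent.
pub fn safe_join(root: &Path, tail: &str) -> Option<PathBuf> {
    let mut out = root.to_path_buf();
    for comp in Path::new(tail).components() {
        match comp {
            // Plain segment: keep it.
            Component::Normal(seg) => out.push(seg),
            // `.` adds nothing; skip it.
            Component::CurDir => {}
            // `..`, an absolute path, or a Windows prefix could leave the root.
            Component::ParentDir | Component::RootDir | Component::Prefix(_) => return None,
        }
    }
    Some(out)
}

fn main() {
    // Constructed sample tails, as a router would hand them to the handler.
    let root = Path::new("/srv/static");
    for tail in ["css/app.css", "a/b/../d", "../../etc/passwd", "/etc/passwd"] {
        match safe_join(root, tail) {
            Some(p) => println!("{tail:>20} -> serve {}", p.display()),
            None => println!("{tail:>20} -> reject (would escape root)"),
        }
    }
}
```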