full path disclosure on www.rockstargames.com via apache filename brute forcing

In this report, the researcher found that sending a request with an invalid Accept header to `http://www.rockstargames.com/index` resulted in a full path disclosure to the webroot. This was fixed as a result of the researcher's aid. Please be aware that after this report was resolved, we added "Path Disclosures" to our list of Excluded issues. Please read the full Exclusions list for more details.