equal
deleted
inserted
replaced
1 https://issues.apache.org/bugzilla/show_bug.cgi?id=52774 |
1 https://issues.apache.org/bugzilla/show_bug.cgi?id=52774 |
2 |
2 |
3 --- modules/mappers/mod_rewrite.c Mon Aug 20 10:22:53 2012 |
3 --- modules/mappers/mod_rewrite.c Mon Aug 20 10:22:53 2012 |
4 +++ modules/mappers/mod_rewrite.c Tue Sep 18 04:02:33 2012 |
4 +++ modules/mappers/mod_rewrite.c Tue Sep 18 04:02:33 2012 |
5 @@ -4302,14 +4302,29 @@ |
5 @@ -4319,14 +4319,29 @@ |
6 /* Unless the anyuri option is set, ensure that the input to the |
6 /* Unless the anyuri option is set, ensure that the input to the |
7 * first rule really is a URL-path, avoiding security issues with |
7 * first rule really is a URL-path, avoiding security issues with |
8 * poorly configured rules. See CVE-2011-3368, CVE-2011-4317. */ |
8 * poorly configured rules. See CVE-2011-3368, CVE-2011-4317. */ |
9 + /* |
9 + /* |
10 + * We believe that URI starting with "http://" is valid and thus we fork |
10 + * We believe that URI starting with "http://" is valid and thus we fork |