httpd-bugs mailing list archives

Subject DO NOT REPLY [Bug 40953] Should not send any data in 1xx/204/304 reply from CGI/PHP/Servlet
Date Wed, 18 Feb 2009 21:49:05 GMT

Edward Z. Yang <> changed:

           What    |Removed                     |Added
                 CC|                            |

--- Comment #6 from Edward Z. Yang <>  2009-02-18 13:49:04 PST ---
We've run into this "feature enhancement request" recently. It's actually a
more specific example of the fact that Apache doesn't sanity check Status
Code/Content-Length headers that scripts send back. For example, I can take
advantage of this to make a CGI script send two HTTP responses back to a user,
when Keep-Alive is on and a single connection is used:


If the PoC works (it occasionally fails; if that happens, try again), it will
redirect you to but will display "Injected
Content", which was the second HTTP request sent.

There is also a relevant Firefox bug:

It would be very nice to see this fixed.

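The kind of sanity check the comment above says is missing, as an added example that is not part of the original message and is not Apache's code: it parses complete CGI output and flags a body on a 1xx/204/304 status, or a Content-Length that disagrees with the bytes the script actually sent. The function names and sample outputs are hypothetical, and it assumes the whole script output is available as bytes.

```python
import re

def is_bodyless(status: int) -> bool:
    """1xx, 204 and 304 responses must never carry a message body."""
    return 100 <= status < 200 or status in (204, 304)

def parse_cgi_output(raw: bytes):
    """Split raw CGI output into (status, headers, body)."""
    sep = re.search(rb"\r?\n\r?\n", raw)
    if sep is None:
        raise ValueError("no blank line between headers and body")
    headers = {}
    for line in re.split(rb"\r?\n", raw[:sep.start()]):
        name, colon, value = line.decode("latin-1").partition(":")
        if not colon:
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.strip().lower()] = value.strip()
    # CGI scripts set the code via a Status header; the default is 200.
    code = re.match(r"[0-9]{3}\b", headers.get("status", "200"))
    if code is None:
        raise ValueError("unparseable Status header")
    return int(code.group()), headers, raw[sep.end():]

def check_cgi_response(raw: bytes) -> list:
    """Return a list of problems; an empty list means the output is consistent."""
    status, headers, body = parse_cgi_output(raw)
    problems = []
    declared = headers.get("content-length")
    if is_bodyless(status):
        if body:
            problems.append(f"status {status} must not carry a body, got {len(body)} bytes")
    elif declared is not None:
        if not re.fullmatch(r"[0-9]+", declared):
            problems.append(f"Content-Length is not a number: {declared!r}")
        elif int(declared) != len(body):
            problems.append(f"Content-Length {declared} but body is {len(body)} bytes")
    return problems

# Constructed sample CGI outputs (not taken from the bug report).
BODY_ON_204 = b"Status: 204 No Content\r\nContent-Type: text/html\r\n\r\n<p>stray</p>"
SHORT_LENGTH = b"Status: 200 OK\r\nContent-Length: 5\r\n\r\nhelloEXTRA-BYTES"
CLEAN_200 = b"Content-Type: text/plain\r\nContent-Length: 5\r\n\r\nhello"
CLEAN_304 = b"Status: 304 Not Modified\r\nContent-Length: 5\r\n\r\n"

if __name__ == "__main__":
    for sample in (BODY_ON_204, SHORT_LENGTH, CLEAN_200, CLEAN_304):
        print(check_cgi_response(sample) or "ok")
```

Any bytes beyond what the status or Content-Length allows are what a client on a kept-alive connection would read as the start of a further response, so a gateway that finds a problem here should drop the excess or close the connection rather than forward it.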