httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cove...@apache.org
Subject svn commit: r1517589 - /httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml
Date Mon, 26 Aug 2013 16:11:23 GMT
Author: covener
Date: Mon Aug 26 16:11:22 2013
New Revision: 1517589

URL: http://svn.apache.org/r1517589
Log:
add a warning about BREACH to the first two sample configurations.


Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml?rev=1517589&r1=1517588&r2=1517589&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml Mon Aug 26 16:11:22 2013
@@ -38,6 +38,11 @@ client</description>
 <seealso><a href="../filter.html">Filters</a></seealso>
 
 <section id="recommended"><title>Sample Configurations</title>
+    <note type="warning"><title>Compression and TLS</title>
+        <p>Some web applications are vulnerable to an information disclosure
+        attack when a TLS connection carries deflate compressed data. For more
+        information, review the details of the "BREACH" family of attacks.</p>
+    </note>
     <p>This is a simple configuration that compresses common text-based content types.</p>
 
     <example><title>Compress only a few types</title>
@@ -49,6 +54,11 @@ client</description>
 </section>
 
 <section id="enable"><title>Enabling Compression</title>
+    <note type="warning"><title>Compression and TLS</title>
+        <p>Some web applications are vulnerable to an information disclosure
+        attack when a TLS connection carries deflate compressed data. For more
+        information, review the details of the "BREACH" family of attacks.</p>
+    </note>
 
     <section id="output"><title>Output Compression</title>
       <p>Compression is implemented by the <code>DEFLATE</code>



Mime
View raw message