Received: by taz.hyperreal.com (8.6.12/8.6.5) id FAA20350;
 Tue, 3 Oct 1995 05:49:44 -0700
Received: from cass41 by taz.hyperreal.com (8.6.12/8.6.5) with SMTP id
 FAA20329; Tue, 3 Oct 1995 05:48:51 -0700
Received: from mamba.ast.cam.ac.uk by cass41 with smtp
	(Smail3.1.29.1 #9) id m0t06lK-000CM9C; Tue, 3 Oct 95 13:47 BST
Received: by mamba.ast.cam.ac.uk (Smail3.1.29.1 #9)
	id m0t06lI-0000mhC; Tue, 3 Oct 95 13:47 BST
Message-Id: <m0t06lI-0000mhC@mamba.ast.cam.ac.uk>
Date: Tue, 3 Oct 95 13:47 BST
From: drtr@ast.cam.ac.uk (David Robinson)
To: new-httpd@hyperreal.com
Subject: More patches
Content-Length: 985
Sender: owner-new-httpd@apache.org
Precedence: bulk
Reply-To: new-httpd@apache.org

15_urlchars.0.8.14.patch
  Subject: Correctly reject bad and impossible URLs
  Affects: httpd.h, util.c, http_request.c
  ChangeLog: Reject bad % escapes with 400, and URL path segments containing
             / or \0
  Comment: The two characters forbidden in a UNIX filename are / and \0.
           This patch causes requests with these (% encoded) to be rejected,
           rather than treating %2f as a segment separator, and treating %00
           as the end of the URL.

16_alias.0.8.14.patch
  Subject: Allow user control over trailing slash in alias
  Affects: mod_alias.c, mod_dir.c
  ChangeLog: Do not strip trailing slash from Alias arguments; correct test
             for a trailing slash when redirecting /foo -> /foo/
  Comment: Removing the trailing slash from Alias arguments meant that it
           was impossible to (Script)Alias /foo and /foo/ differently.

I think there are sufficient patches pending that we need a new release,
1.0 notwithstanding.

 David.