httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexei Kosut <ako...@organic.com>
Subject Re: [linux-security] Security Hole. Appache. (fwd)
Date Fri, 05 Sep 1997 18:14:33 GMT
On Fri, 5 Sep 1997, Roy T. Fielding wrote:

> >One minor point: Apache handles GET vs. HEAD for scripts. It passes
> >REQUEST_METHOD as GET, and cuts off the response after the headers.
> 
> Ummm, I don't think so
> 
>     table_set (e, "REQUEST_METHOD", r->method);
> 
> in util_script.c.

Oops. Yes, well I was half right (it does cut off the response, but it
also sends "HEAD").

-- Alexei Kosut <akosut@organic.com>


Mime
View raw message