httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Trawick" <traw...@gmail.com>
Subject Re: svn commit: r549159 - in /httpd/httpd/trunk: CHANGES modules/generators/mod_status.c
Date Wed, 18 Jul 2007 14:08:30 GMT
On 7/18/07, Joe Orton <jorton@redhat.com> wrote:
> On Wed, Jul 18, 2007 at 08:25:59AM -0400, Jeff Trawick wrote:
> > On 6/20/07, jorton@apache.org <jorton@apache.org> wrote:
> > >Author: jorton
> > >Date: Wed Jun 20 10:29:24 2007
> > >New Revision: 549159
> > >
> > >URL: http://svn.apache.org/viewvc?view=rev&rev=549159
> > >Log:
> > >Fix CVE-2006-5752:
> > >
> > >* modules/generators/mod_status.c (status_handler): Specify charset in
> > >content-type to prevent browsers doing charset "detection", which
> > >allows an XSS attack.  Use logitem-escaping on the request string to
> > >make it charset-neutral.
> >
> > assert(
> >
> > The part of the fix that addresses the vulnerability is providing the
> > charset; the escaping change is just for predictable display.  So the
> > following is a simple, understandable circumvention.
> >
> > <Location /server-status>
> > SetHandler server-status
> > AddDefaultCharset ISO-8859-1
> > ...
> > </Location>
> >
> > ) ???
>
> That's all correct, yes, sorry if the wording is not clear above.

no worries; better safe than sorry; thanks as always!

Mime
View raw message