Return-Path: Delivered-To: apmail-httpd-docs-archive@httpd.apache.org Received: (qmail 55452 invoked by uid 500); 4 Feb 2002 06:51:19 -0000 Mailing-List: contact docs-help@httpd.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: docs@httpd.apache.org Delivered-To: mailing list docs@httpd.apache.org Received: (qmail 55441 invoked from network); 4 Feb 2002 06:51:19 -0000 Message-ID: <3C5E2F6F.5000304@stason.org> Date: Mon, 04 Feb 2002 14:51:27 +0800 From: Stas Bekman Organization: Hope, Humanized User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7) Gecko/20011221 X-Accept-Language: en-us MIME-Version: 1.0 To: docs@httpd.apache.org Subject: [patch xdocs/info/css-security/apache_specific.html] Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N fix typos Index: xdocs/info/css-security/apache_specific.html =================================================================== RCS file: /home/cvspublic/httpd-site/xdocs/info/css-security/apache_specific.html,v retrieving revision 1.1 diff -u -r1.1 apache_specific.html --- xdocs/info/css-security/apache_specific.html 21 Nov 2001 07:16:36 -0000 1.1 +++ xdocs/info/css-security/apache_specific.html 4 Feb 2002 06:50:30 -0000 @@ -17,7 +17,7 @@

While reviewing the Apache code for any problems related to this problem, we have discovered a number of issues. Many of them are not bugs in Apache, but are places where Apache can do more to -avoid being vulnerable to the Cross Site Scriptint security problem. +avoid being vulnerable to the Cross Site Scripting security problem. None of the changes fix any security holes in Apache itself that can compromise the server directly, but are focused towards its interaction with clients. @@ -60,7 +60,7 @@

  • What is necessary to ensure that sites that legitimately use character sets with different encodings of special characters, such as UTF-7, are -protected? How can Apache facilitate this? This is a major issue for +protected. How can Apache facilitate this? This is a major issue for those with a significant amount of content in character sets other than iso-8859-1. _____________________________________________________________________ Stas Bekman JAm_pH -- Just Another mod_perl Hacker http://stason.org/ mod_perl Guide http://perl.apache.org/guide mailto:stas@stason.org http://ticketmaster.com http://apacheweek.com http://singlesheaven.com http://perl.apache.org http://perlmonth.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org For additional commands, e-mail: docs-help@httpd.apache.org