On Fri, 29 Oct 1999, I wrote:
> I can only think of a couple options: hack http_core.c to do what I want,
> or write a custom LogHandler that uses the sanitized host.
We've decided on another option: if you're sending a Host: header that
needs "sanitation," then either 1) you're trying to run some kind of
"exploit" or 2) you're using a very broken browser. We're going to
just punt and send you a 404 right there. The end.
BTW, it was a broken client calling itself "NetAttache/2.5" that started
this whole thing.