https://bz.apache.org/bugzilla/show_bug.cgi?id=65737
Joe Orton <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #4 from Joe Orton <[email protected]> --- Yes, you need to have a valid Referer: header in the request since 2.4.41 - this is a deliberate security feature to prevent XSS/XSRF attacks. So I don't see a bug here. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
