https://bz.apache.org/bugzilla/show_bug.cgi?id=68907
Bug ID: 68907 Summary: replace ap_trust_cgilike_cl with a validating CL filter Product: Apache httpd-2 Version: 2.4.59 Hardware: PC OS: All Status: NEW Severity: enhancement Priority: P2 Component: Core Assignee: bugs@httpd.apache.org Reporter: cove...@gmail.com Target Milestone: --- Instead of the current ban on Content-Length from CGI-like modules, we could let these headers through and validate the length in some core filter, making sure a short or long response results in a terminated connection. This would replace the whitelisting via ap_trust_cgilike_cl -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org