On Tue, 2007-06-12 at 19:50 +0200, Mladen Turk wrote: > Jean-Frederic wrote: > >>> Add ForwardURIProxy to the URl handling option. > >>> common/jk_url.c is just a porting of the routines > >>> from proxy_util.c (Apache httpd). > >> After quite a few discussions, I think this should be the only mode > available for URI handling, as the two others are broken. > >> > >> Comments ? > > > > Additionaly I want to rollback r544137 too. > > > > Why?
To reach the following: url file/dir TC Compat Proxy Proxy-r544137 %252007 %2007 ok no ok ok %252E%252E %2E%2E ok no no ok Of course using Compat-r544137 would reopen the vulnerability. Cheers Jean-Frederic > Let's stop a bit and test things before. > > Regards, > Mladen. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]