diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-12-03 16:17:22 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-12-03 16:17:22 +0000 |
commit | 4cd2370bed609c118b6edfde5d3f116e5c35b897 (patch) | |
tree | ec58f2c41f49754e41521d5ebc9dce4597ddd0a5 /www-servers/apache/files | |
parent | f443475c824b4b5c086e6d040961cb35ad81bc60 (diff) |
gentoo resync : 03.12.2017
Diffstat (limited to 'www-servers/apache/files')
-rw-r--r-- | www-servers/apache/files/apache-asf-httpoxy.patch | 20 |
1 files changed, 0 insertions, 20 deletions
diff --git a/www-servers/apache/files/apache-asf-httpoxy.patch b/www-servers/apache/files/apache-asf-httpoxy.patch deleted file mode 100644 index 68e3d869a77e..000000000000 --- a/www-servers/apache/files/apache-asf-httpoxy.patch +++ /dev/null @@ -1,20 +0,0 @@ -https://bugs.gentoo.org/589226 -https://www.apache.org/security/asf-httpoxy-response.txt - ---- server/util_script.c (revision 1752426) -+++ server/util_script.c (working copy) -@@ -186,6 +186,14 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r - else if (!strcasecmp(hdrs[i].key, "Content-length")) { - apr_table_addn(e, "CONTENT_LENGTH", hdrs[i].val); - } -+ /* HTTP_PROXY collides with a popular envvar used to configure -+ * proxies, don't let clients set/override it. But, if you must... -+ */ -+#ifndef SECURITY_HOLE_PASS_PROXY -+ else if (!strcasecmp(hdrs[i].key, "Proxy")) { -+ ; -+ } -+#endif - /* - * You really don't want to disable this check, since it leaves you - * wide open to CGIs stealing passwords and people viewing them |