Just Launched: You can now import projects and releases from Google Code onto SourceForge
We are excited to release new functionality to enable a 1-click import from Google Code onto the Allura platform on SourceForge. You can import tickets, wikis, source, releases, and more with a few simple steps. Read More
Update of /cvsroot/ijbswa/current
In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv27852
Add #112: Detect header insertion with \r\n and split the header
RCS file: /cvsroot/ijbswa/current/TODO,v
retrieving revision 1.80
retrieving revision 1.81
diff -C2 -d -r1.80 -r1.81
*** TODO 28 May 2013 14:38:39 -0000 1.80
--- TODO 29 Aug 2013 11:12:27 -0000 1.81
*** 318,319 ****
--- 318,325 ----
111) Reject requests if hosts and ports in request line and Host
header don't match (before filters have been applied).
+ 112) If a header filter is used to inject another header by inserting
+ a \r\n (undocumented feature), detect it and split the headers so
+ following header actions do not treat them as a single string.
+ Alternatively add another header injection mechanism.