diff options
| author | André Malo <nd@apache.org> | 2014-01-27 09:11:57 +0100 |
|---|---|---|
| committer | André Malo <nd@apache.org> | 2014-01-27 09:11:57 +0100 |
| commit | 097f0aa906fec90c2fd669d1fe94c1342209fdb0 (patch) | |
| tree | 919268359dbe0fcf955f12b3e9896fa5e58a1658 /docs/manual/env.html.en | |
| parent | fix another source of invalid links: too much space. (diff) | |
| download | apache2-097f0aa906fec90c2fd669d1fe94c1342209fdb0.tar.xz apache2-097f0aa906fec90c2fd669d1fe94c1342209fdb0.zip | |
update transformation
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1561601 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs/manual/env.html.en')
| -rw-r--r-- | docs/manual/env.html.en | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/manual/env.html.en b/docs/manual/env.html.en index 787df2dccd..dfcfc16495 100644 --- a/docs/manual/env.html.en +++ b/docs/manual/env.html.en @@ -406,7 +406,7 @@ <p>Starting with version 2.4, Apache is more strict about how HTTP - headers are converted to environment variables in <code class="module"><a href="./mod/mod_cgi .html">mod_cgi + headers are converted to environment variables in <code class="module"><a href="./mod/mod_cgi.html">mod_cgi </a></code> and other modules: Previously any invalid characters in header names were simply translated to underscores. This allowed for some potential cross-site-scripting attacks via header injection @@ -414,7 +414,7 @@ Unusual Web Bugs</a>, slide 19/20).</p> <p>If you have to support a client which sends broken headers and - which can't be fixed, a simple workaround involving <code class="module"><a href="./mod/mod_setenvif .html">mod_setenvif + which can't be fixed, a simple workaround involving <code class="module"><a href="./mod/mod_setenvif.html">mod_setenvif </a></code> and <code class="module"><a href="./mod/mod_headers.html">mod_headers</a></code> allows you to still accept these headers:</p> |