Mercurial > hg > nginx

comparison src/http/ngx_http_core_module.c @ 9242:ddcedfa3a809

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
HTTP: just one empty line now accepted when parsing request line. This ensures that multiple CRLFs cannot be used as a DoS vector, and also in line with RFC 9112 ("SHOULD ignore at least one empty line"). Further, bare CRs are no longer accepted.
author Maxim Dounin <mdounin@mdounin.ru>
date Sat, 30 Mar 2024 05:10:40 +0300
parents 73eb75bee30f
children a6649497a762
comparison
equal deleted inserted replaced
9241:07ca679842de 9242:ddcedfa3a809