Mercurial > hg > nginx

diff src/http/ngx_http_huff_encode.c @ 9242:ddcedfa3a809

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
HTTP: just one empty line now accepted when parsing request line. This ensures that multiple CRLFs cannot be used as a DoS vector, and also in line with RFC 9112 ("SHOULD ignore at least one empty line"). Further, bare CRs are no longer accepted.
author Maxim Dounin <mdounin@mdounin.ru>
date Sat, 30 Mar 2024 05:10:40 +0300
parents 336084ff943b
children
line wrap: on
line diff