[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 61355] DirectorySlash directive should use protocol in X-Forwarded-Proto header when available

William A. Rowe Jr. <wrowe@xxxxxxxxxx> changed:

           What    |Removed                     |Added
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #2 from William A. Rowe Jr. <wrowe@xxxxxxxxxx> ---
It should be noted that this introduces a monstrous security hole.

mod_remoteip uses explicit lists of trusted peers to pass valid X-F-F data for
interpretation. This hack is no different in trust requirements in order for
project to consider this submission.

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail: bugs-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: bugs-help@xxxxxxxxxxxxxxxx