You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "William A. Rowe, Jr." <wr...@rowe-clan.net> on 2005/07/01 06:23:29 UTC
HTTP Spoofing
1.3 proxy doesn't accept T-E:chunked request bodies.
1.3 proxy doesn't perform keep-alives against a backend.
I think we are safe, but additional opinions are welcome.
Bill
At 02:18 PM 6/30/2005, Mark J Cox wrote:
>> I'm obtaining a CVE name for this issue -- (as the issue is already public
>> it requires co-ordination with Mitre)
>
>CAN-2005-2088
>
>Has anyone looked to make sure this doesn't apply to later 1.3 releases?
>
>Cheers,
>Mark