You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2018/12/01 08:52:30 UTC

[Bug 45187] Long File name requests gives FORBIDDEN response

https://bz.apache.org/bugzilla/show_bug.cgi?id=45187

--- Comment #32 from Luca Toscano <to...@gmail.com> ---
Hi Roman,

have you tried to modify
http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestline ?

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

Re: [Bug 45187] Long File name requests gives FORBIDDEN response

Posted by William A Rowe Jr <wr...@rowe-clan.net>.

In response to #32, Luca, this behavior is understood and clarified in the
above
comments; it is an open question how to respond to APR_ENAMETOOLONG.
Will treating this as a not-found case introduce security risks? That's the
question.

On Sat, Dec 1, 2018 at 2:52 AM <bu...@apache.org> wrote:

> https://bz.apache.org/bugzilla/show_bug.cgi?id=45187
>
> --- Comment #32 from Luca Toscano <to...@gmail.com> ---
> Hi Roman,
>
> have you tried to modify
> http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestline ?
>
> --
> You are receiving this mail because:
> You are the assignee for the bug.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
> For additional commands, e-mail: bugs-help@httpd.apache.org
>
>