You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by wr...@apache.org on 2017/07/26 22:06:56 UTC

svn commit: r1803119 - /httpd/site/trunk/content/security/vulnerabilities-httpd.xml

Author: wrowe
Date: Wed Jul 26 22:06:55 2017
New Revision: 1803119

URL: http://svn.apache.org/viewvc?rev=1803119&view=rev
Log:
Clean up odd nesting effects observed in Chrome

Modified:
    httpd/site/trunk/content/security/vulnerabilities-httpd.xml

Modified: httpd/site/trunk/content/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/vulnerabilities-httpd.xml?rev=1803119&r1=1803118&r2=1803119&view=diff
==============================================================================
--- httpd/site/trunk/content/security/vulnerabilities-httpd.xml (original)
+++ httpd/site/trunk/content/security/vulnerabilities-httpd.xml Wed Jul 26 22:06:55 2017
@@ -414,10 +414,12 @@ to request B, polluting the cache or pot
 a different downstream user-agent.
 </p><p>
 These defects are addressed with the release of Apache HTTP Server 2.4.25
-and coordinated by a new directive;<br />
+and coordinated by a new directive;
+</p>
 <ul><li>
 <a href="http://httpd.apache.org/docs/2.4/mod/core.html#httpprotocoloptions"
   >HttpProtocolOptions Strict</a></li></ul>
+<p>
 which is the default behavior of 2.4.25 and later. By toggling from 'Strict'
 behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow
 some invalid HTTP/1.1 clients to communicate with the server, but this will