You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2013/08/26 18:11:23 UTC
svn commit: r1517589 - /httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml
Author: covener
Date: Mon Aug 26 16:11:22 2013
New Revision: 1517589
URL: http://svn.apache.org/r1517589
Log:
add a warning about BREACH to the first two sample configurations.
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml?rev=1517589&r1=1517588&r2=1517589&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_deflate.xml Mon Aug 26 16:11:22 2013
@@ -38,6 +38,11 @@ client</description>
<seealso><a href="../filter.html">Filters</a></seealso>
<section id="recommended"><title>Sample Configurations</title>
+ <note type="warning"><title>Compression and TLS</title>
+ <p>Some web applications are vulnerable to an information disclosure
+ attack when a TLS connection carries deflate compressed data. For more
+ information, review the details of the "BREACH" family of attacks.</p>
+ </note>
<p>This is a simple configuration that compresses common text-based content types.</p>
<example><title>Compress only a few types</title>
@@ -49,6 +54,11 @@ client</description>
</section>
<section id="enable"><title>Enabling Compression</title>
+ <note type="warning"><title>Compression and TLS</title>
+ <p>Some web applications are vulnerable to an information disclosure
+ attack when a TLS connection carries deflate compressed data. For more
+ information, review the details of the "BREACH" family of attacks.</p>
+ </note>
<section id="output"><title>Output Compression</title>
<p>Compression is implemented by the <code>DEFLATE</code>