Skip to content
  • Cliff Woolley's avatar
    The consensus now is that mod_include should just butt out of any decisions · ae0b5278
    Cliff Woolley authored
    about what to do with different request methods.  It's true that mod_include
    in 1.3.x did not allow POST, but back then it was a handler.  Now it's a
    filter and can be used to filter the output of dynamically generated responses,
    even ones resulting from a POST request.  So if mod_include is in the filter
    stack, it should just blindly parse the brigade regardless of request method.
    
    This still fixes the security problem, it just fixes it by being more flexible
    rather than less so.
    
    
    git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90728 13f79535-47bb-0310-9956-ffa450edef68
    ae0b5278
To find the state of this project's repository at the time of any of these versions, check out the tags.