Fix CVE-2006-5752:

* modules/generators/mod_status.c (status_handler): Specify charset in
content-type to prevent browsers doing charset "detection", which
allows an XSS attack.  Use logitem-escaping on the request string to
make it charset-neutral.

Reported by: Stefan Esser <sesser hardened-php.net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@549159 13f79535-47bb-0310-9956-ffa450edef68