Skip to content
Commit ad41158e authored by Joe Orton's avatar Joe Orton
Browse files

Prevent CSRF attacks against the balancer-manager (CVE-2007-6420) 

* modules/proxy/mod_proxy_balancer.c (balancer_init): New function.
  (balancer_handler): Place a nonce in the form output, and check that
  the submitted form data includes that nonce.
  (ap_proxy_balancer_register_hook): Register the new post_config hook.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@661666 13f79535-47bb-0310-9956-ffa450edef68
parent 76e3863f
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment