Skip to content
  1. Apr 09, 2003
    • Andre Malo's avatar
      if there's no sidebar, there's no need to squeeze the content. · 7ff70b65
      Andre Malo authored
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99309 13f79535-47bb-0310-9956-ffa450edef68
      7ff70b65
    • Andre Malo's avatar
      update transformation · b5731425
      Andre Malo authored
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99304 13f79535-47bb-0310-9956-ffa450edef68
      b5731425
    • Andre Malo's avatar
      use Google Search. · 21f16f5f
      Andre Malo authored
      We may have to experimt a bit to get best results. This is a first
      attempt.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99303 13f79535-47bb-0310-9956-ffa450edef68
      21f16f5f
    • Chris Pepper's avatar
      Clarify some wording. · 5f32e966
      Chris Pepper authored
      	Note this change (as previously written, it implied that 1.3.5
      	had this vulnerability, which is not true). I'm not sure if
      	"httpd 2.0" is the preferred name.
      
      -    <p>Note that in versions previous to 2.0.46 no escaping has been performed
      +    <p>Note that in httpd 2.0 versions prior to 2.0.46, no escaping was performed
           on the strings from <code>%...r</code>, <code>%...i</code> and
           <code>%...o</code>. This was mainly to comply with the requirements of
           the Common Log Format. This implied that clients could insert control
           characters into the log, so you had to be quite careful when dealing
           with raw log files.</p>
      
      -    <p>For security reasons starting with 2.0.46 non-printable and
      +    <p>For security reasons, starting with 2.0.46, non-printable and
           other special characters are escaped mostly by using
           <code>\x<var>hh</var></code> sequences, where <var>hh</var> stands for
           the hexadecimal representation of the raw byte. Exceptions from this
           rule are <code>"</code> and <code>\</code> which are escaped by prepending
      -    a backslash, and all whitespace characters that are written in their
      -    C-notation (<code>\n</code>, <code>\t</code> etc).</p>
      +    a backslash, and all whitespace characters which are written in their
      +    C-style notation (<code>\n</code>, <code>\t</code> etc).</p>
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99302 13f79535-47bb-0310-9956-ffa450edef68
      5f32e966
  2. Apr 07, 2003
  3. Apr 06, 2003
  4. Apr 05, 2003
  5. Apr 04, 2003