Mercurial > hg > nginx
comparison src/core/ngx_output_chain.c @ 7882:b4073527be81
Disabled control characters in URIs.
Control characters (0x00-0x1f, 0x7f) were never allowed in URIs, and must
be percent-encoded by clients. Further, these are not believed to appear
in practice. On the other hand, passing such characters might make various
attacks possible or easier, despite the fact that currently allowed control
characters are not significant for HTTP request parsing.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 28 Jun 2021 18:01:15 +0300 |
parents | a7ff19afbb14 |
children | 862f6130d357 |
comparison
equal
deleted
inserted
replaced
7881:52338ddf9e2f | 7882:b4073527be81 |
---|