www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

* Set character set for HTML outputs generated by mod_ldap,

Browse Source 
mod_proxy_balancer, mod_proxy_ftp, mod_info, mod_dav without a character
  set to ISO-8859-1.

Submitted by: jorton


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@606693 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Ruediger Pluem
2007-12-24 11:45:22 +00:00
parent 897c00dfc0
commit b514669c7a
6 changed files with 21 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
CHANGES
View File

@@ -2,6 +2,22 @@
Changes with Apache 2.3.0 Changes with Apache 2.3.0
[ When backported to 2.2.x, remove entry from this file ] [ When backported to 2.2.x, remove entry from this file ]
*) mod_ldap: Set character set for status page to ISO-8859-1 to avoid
UTF-7 XSS vulnerabilities of certain browsers. [Joe Orton]
*) mod_proxy_balancer: Set character set for balancer manager to ISO-8859-1
to avoid UTF-7 XSS vulnerabilities of certain browsers. [Joe Orton]
*) mod_proxy_ftp: Set character set for generated FTP directory listing to
ISO-8859-1 to avoid UTF-7 XSS vulnerabilities of certain browsers.
[Joe Orton]
*) mod_info: Set character set for info page to ISO-8859-1 to avoid
UTF-7 XSS vulnerabilities of certain browsers. [Joe Orton]
*) mod_dav: Set character set for error pages to ISO-8859-1 to avoid
UTF-7 XSS vulnerabilities of certain browsers. [Joe Orton]
*) mod_ssl: Added server name indication support (RFC 4366). *) mod_ssl: Added server name indication support (RFC 4366).
PR 34607. [Kaspar Brand <asfbugz velox.ch>] PR 34607. [Kaspar Brand <asfbugz velox.ch>]

2
modules/dav/main/mod_dav.c
View File

@@ -314,7 +314,7 @@ static int dav_error_response(request_rec *r, int status, const char *body)
{ {
r->status = status; r->status = status;
ap_set_content_type(r, "text/html"); ap_set_content_type(r, "text/html; charset=ISO-8859-1");
/* begin the response now... */ /* begin the response now... */
ap_rvputs(r, ap_rvputs(r,

2
modules/generators/mod_info.c
View File

@@ -608,7 +608,7 @@ static int display_info(request_rec * r)
if (r->method_number != M_GET) if (r->method_number != M_GET)
return DECLINED; return DECLINED;
ap_set_content_type(r, "text/html"); ap_set_content_type(r, "text/html; charset=ISO-8859-1");
ap_rputs(DOCTYPE_XHTML_1_0T ap_rputs(DOCTYPE_XHTML_1_0T
"<html xmlns=\"http://www.w3.org/1999/xhtml\">\n" "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n"

2
modules/ldap/util_ldap.c
View File

@@ -106,7 +106,7 @@ static int util_ldap_handler(request_rec *r)
return DECLINED; return DECLINED;
} }
ap_set_content_type(r, "text/html"); ap_set_content_type(r, "text/html; charset=ISO-8859-1");
if (r->header_only) if (r->header_only)
return OK; return OK;

2
modules/proxy/mod_proxy_balancer.c
View File

@@ -753,7 +753,7 @@ static int balancer_handler(request_rec *r)
ap_rputs("</httpd:manager>", r); ap_rputs("</httpd:manager>", r);
} }
else { else {
ap_set_content_type(r, "text/html"); ap_set_content_type(r, "text/html; charset=ISO-8859-1");
ap_rputs(DOCTYPE_HTML_3_2 ap_rputs(DOCTYPE_HTML_3_2
"<html><head><title>Balancer Manager</title></head>\n", r); "<html><head><title>Balancer Manager</title></head>\n", r);
ap_rputs("<body><h1>Load Balancer Manager for ", r); ap_rputs("<body><h1>Load Balancer Manager for ", r);

2
modules/proxy/mod_proxy_ftp.c
View File

@@ -1691,7 +1691,7 @@ static int proxy_ftp_handler(request_rec *r, proxy_worker *worker,
/* set content-type */ /* set content-type */
if (dirlisting) { if (dirlisting) {
ap_set_content_type(r, "text/html"); ap_set_content_type(r, "text/html; charset=ISO-8859-1");
} }
else { else {
if (r->content_type) { if (r->content_type) {