]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ec4e0ed) | patch
Merge r661666 from trunk:
authorJim Jagielski <jim@apache.org>
Thu, 5 Jun 2008 10:01:30 +0000 (10:01 +0000)
committerJim Jagielski <jim@apache.org>
Thu, 5 Jun 2008 10:01:30 +0000 (10:01 +0000)
commitb74f25bceea9f81abdb1856cb1fbe63734c6b13c
treec155670e259c0b97d307c09378ea0e26931ac5aetree
parentec4e0ed740f260ac69d18a568eb394b9dd185fc5commit | diff
Merge r661666 from trunk:

Prevent CSRF attacks against the balancer-manager (CVE-2007-6420)

* modules/proxy/mod_proxy_balancer.c (balancer_init): New function.
  (balancer_handler): Place a nonce in the form output, and check that
  the submitted form data includes that nonce.
  (ap_proxy_balancer_register_hook): Register the new post_config hook.

Submitted by: jorton
Reviewed by: jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@663514 13f79535-47bb-0310-9956-ffa450edef68
CHANGES diff | blob | blame | history
STATUS diff | blob | blame | history
modules/proxy/mod_proxy_balancer.c diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git