[LON-CAPA-cvs] cvs: doc /loncapafiles webserver.piml
raeburn
raeburn at source.lon-capa.org
Mon Feb 17 08:44:12 EST 2020
raeburn Mon Feb 17 13:44:12 2020 EDT
Modified files:
/doc/loncapafiles webserver.piml
Log:
- Accommodate Apache 2.4 updated to address CVE-2019-0220, in which
multiple consecutive slashes are collapsed into a single slash.
Index: doc/loncapafiles/webserver.piml
diff -u doc/loncapafiles/webserver.piml:1.51 doc/loncapafiles/webserver.piml:1.52
--- doc/loncapafiles/webserver.piml:1.51 Sun Feb 16 21:57:59 2020
+++ doc/loncapafiles/webserver.piml Mon Feb 17 13:44:12 2020
@@ -2,7 +2,7 @@
"http://lpml.sourceforge.net/DTD/piml.dtd">
<!-- webserver.piml -->
-<!-- $Id: webserver.piml,v 1.51 2020/02/16 21:57:59 raeburn Exp $ -->
+<!-- $Id: webserver.piml,v 1.52 2020/02/17 13:44:12 raeburn Exp $ -->
<!--
@@ -229,7 +229,7 @@
my $hostip = Socket::inet_ntoa(scalar(gethostbyname($hostname)) || 'localhost');
my @expected = ('RewriteCond %{REQUEST_URI} ^/adm/wrapper/ext/(?!https:)',
'RewriteCond %{QUERY_STRING} (^|&(|amp;))usehttp=1($|&)',
- 'RewriteRule ^/adm/wrapper/ext/(?!https:\/\/) http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]',
+ 'RewriteRule ^/adm/wrapper/ext/(?!https:) http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]',
'RewriteCond %{REMOTE_ADDR} 127.0.0.1',
'RewriteRule (.*) - [L]');
if (($hostip ne '') && ($hostip ne '127.0.0.1')) {
More information about the LON-CAPA-cvs
mailing list