DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=39746>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39746 ------- Additional Comments From [EMAIL PROTECTED] 2007-09-07 14:10 ------- >From my point of view reverting the patch would open a security hole similar to CVE-2007-1860 (see http://tomcat.apache.org/security-jk.html and http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860). So it is needed that the proxy code encodes the URL again before passing it to the backend to avoid unexpected double decodings. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
