https://issues.apache.org/bugzilla/show_bug.cgi?id=57330
Eric Covener <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Resolution|--- |INVALID --- Comment #6 from Eric Covener <[email protected]> --- IMO you're describing a vulnerable application making use of a configured and working as designed mod_include, so there is no httpd bug to track here. mod_include is not tasked with figuring out if a response configured to be SSI processed can be trusted. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
