https://bz.apache.org/bugzilla/show_bug.cgi?id=57832
--- Comment #9 from regilero <[email protected]> --- This version is OK. Stored injections are always detected, small and big. The only way to inject a new response is to have a fine control of the backend stream and use timers between responses, which ,by definition, cannot be detected by mod_proxy. So it's almost good. I think there's maybe just one problem with responses from backends containing one extra CRLF. This is already managed by mod_proxy and allowed by the RFC. But here, if I'm not wrong on my tests, it makes a connection status 2. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
