https://bz.apache.org/bugzilla/show_bug.cgi?id=56718
--- Comment #5 from Michael Kaufmann <[email protected]> --- I think that this is an important issue. The patch/bugfix will prevent many attacks. The latest patch could be improved: If the request does not have a "Host" header (HTTP 1.0) and if an absolute URI is used, then a "Host" header should be added to the request. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
