[Bug 61355] DirectorySlash directive should use protocol in X-Forwarded-Proto header when available

bugzilla Tue, 18 Dec 2018 05:58:53 -0800

https://bz.apache.org/bugzilla/show_bug.cgi?id=61355


Axel Reinhold <apa...@freakout.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |---

--- Comment #3 from Axel Reinhold <apa...@freakout.de> ---
Ok - but then following config is the same threat:

SetEnvIf X-Forwarded-Proto https HTTPS=on
SetEnvIf X-Forwarded-Proto https REQUEST_SCHEME=https

And this is recommended everywhere to do!

Anyways i will try to create a patch for mod_remoteip
which uses the list of trusted peers.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org

[Bug 61355] DirectorySlash directive should use protocol in X-Forwarded-Proto header when available

Reply via email to