On Mon, Jan 12, 2004 at 12:04:38AM -0000, [EMAIL PROTECTED] wrote: > * mod_dav: Reject requests including fragment part in the Request-URI. > > http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/main/mod_dav.c?r1=1.102&r2=1.103 > PR: 21779 > +1: jorton > + nd asks: Should we make it runtime configurable either to 400, drop the > + fragment or just treat it as part of the filename?
I missed this till now, sorry. I don't see why it's worth a config option: the client is generating an invalid request, so let it break rather than trying to second-guess the escaping rules. The error_log message makes it clear what is wrong. Regards, joe
