Chenjp commented on PR #806: URL: https://github.com/apache/tomcat/pull/806#issuecomment-2586425470
> As per the response in the BZ, we're not going to address this (esp not using an unrelated configuration setting). Per message from apache httpd team: ``` It's true that mod_dav_fs does not restrict or enforce quotas on disk consumption, hence only trusted users should be given write access. This is covered in the documentation: https://httpd.apache.org/docs/2.4/mod/mod_dav.html#security The only thing that httpd/mod_dav tries to do here is that ensure that the request body length is restricted by LimitRequestBody. ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
