I wanted to determine if a change to malloc's behavior has any impact
on CPU usage. Tuning malloc was necessary because mod_brotli and glibc
appear to conspire on our systems to waste lots of memory due to heap
fragmentation (lowering MALLOC_ARENA_MAX and MALLOC_TRIM_THRESHOLD_
seems to help).
How
> [...] What am I doing wrong?
[...]
>
> ProxyPass "http://127.0.0.1:3000/";
> ProxyPassReverse "http://127.0.0.0:3000/";
^
That should be a 127.0.0.1.
rainer
On Wed, Jun 29, 2016 at 10:27 AM, Yann Ylavic wrote:
> On Wed, Jun 29, 2016 at 9:33 AM, Plüm, Rüdiger, Vodafone Group
> wrote:
[..]
>>> We've observed multiple gateways, operated by e.g. AT&T, COLT and
>>> Vodafone, that inject additional Cookie: headers into client requests,
>>> such as
>>>
>>>
On Wed, Jun 29, 2016 at 2:02 AM, Joseph Schaefer wrote:
> Php's cookie parser can be more lax in treating ", " similar to "; ", that
> would be a better avenue of redress. Otherwise they can adopt libapreq2's
> cookie parsing code which has much richer support for merging cookie headers
> writ
On Tue, Jun 28, 2016 at 10:13 PM, William A Rowe Jr wrote:
> On Tue, Jun 28, 2016 at 2:29 PM, Rainer Canavan
> wrote:
>> It's not just the Cookie that's logged via %{}C that gets nonsense
>> appended, but the cookie parser of e.g. PHP behaves the same. I think
>&
On Tue, Jun 28, 2016 at 6:09 PM, Graham Leggett wrote:
> On 28 Jun 2016, at 4:29 PM, Rainer Canavan
> wrote:
>
>> We've observed multiple gateways, operated by e.g. AT&T, COLT and
>> Vodafone, that inject additional Cookie: headers into client requests,
>
Hi,
We've observed multiple gateways, operated by e.g. AT&T, COLT and
Vodafone, that inject additional Cookie: headers into client requests,
such as
Cookie: actually=from_the_client
Cookie: Bearer-Type=w-TCP
Cookie: network-access-type=UMTS
Apache httpd merges those headers into a single, comma
2015-12-11 19:59 GMT+01:00 Jim Jagielski :
> Just a quick reminder that the voting closes in about 90mins.
>
> tia!
builds and works according to my casual tests on IRIX mips as n32.
rainer
Hi,
is the commit message incorrect or the CHANGES file concerning CVE-2015-3183?
The commit message at
https://github.com/apache/httpd/commit/cd2b7a26c776b0754fb98426a67804fd48118708
uses CVE-2015-3183 for the "Replacement of ap_some_auth_required",
while the CHANGES uses it for "Remove apr_brig
