mirror of
https://github.com/YunoHost-Apps/nextcloud_ynh.git
synced 2024-09-03 19:55:57 +02:00
Possible HTTP-Splitting vulnerability (#33)
Problem: [http_splitting] Possible HTTP-Splitting vulnerability. Description: Using variables that can contain "\n" may lead to http injection. Additional info: https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md Reason: At least variable "$uri" can contain "\n"
This commit is contained in:
parent
1a552c32a2
commit
769eedfa00
1 changed files with 1 additions and 1 deletions
|
@ -37,7 +37,7 @@ location ^~ #LOCATION# {
|
|||
#rewrite ^/.well-known/host-meta.json #PATH#/public.php?service=host-meta-json last;
|
||||
|
||||
location #LOCATION# {
|
||||
rewrite ^ #PATH#/index.php$uri;
|
||||
rewrite ^ #PATH#/index.php$request_uri;
|
||||
}
|
||||
|
||||
location = #PATH#/robots.txt {
|
||||
|
|
Loading…
Add table
Reference in a new issue