YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Possible HTTP-Splitting vulnerability

Browse source 
Problem: [http_splitting] Possible HTTP-Splitting vulnerability.
Description: Using variables that can contain "\n" may lead to http injection.
Additional info: https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md
Reason: At least variable "$uri" can contain "\n"
This commit is contained in:
Jeremy MANSON 2017-05-16 13:47:23 +02:00 committed by GitHub
parent 8ef03cd28f
commit e6bad9f5a4
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
conf/nginx.conf
View file

@ -38,7 +38,7 @@ location ^~ #LOCATION# {
#rewrite ^/.well-known/host-meta.json #PATH#/public.php?service=host-meta-json last;
location #LOCATION# {
rewrite ^ #PATH#/index.php$uri;
rewrite ^ #PATH#/index.php$request_uri;
}
location = #PATH#/robots.txt {