[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 61355] DirectorySlash directive should use protocol in X-Forwarded-Proto header when available


Axel Reinhold <apache@xxxxxxxxxxx> changed:

           What    |Removed                     |Added
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |---

--- Comment #3 from Axel Reinhold <apache@xxxxxxxxxxx> ---
Ok - but then following config is the same threat:

SetEnvIf X-Forwarded-Proto https HTTPS=on
SetEnvIf X-Forwarded-Proto https REQUEST_SCHEME=https

And this is recommended everywhere to do!

Anyways i will try to create a patch for mod_remoteip
which uses the list of trusted peers.

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail: bugs-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: bugs-help@xxxxxxxxxxxxxxxx