commit | 4cbb23f8f278fd1f71dcd5968aa0b3f0b4f3bd5d | [log] [tgz] |
---|---|---|
author | Senthil Kumaran <senthil@uthcode.com> | Sat Jul 30 23:24:16 2016 -0700 |
committer | Senthil Kumaran <senthil@uthcode.com> | Sat Jul 30 23:24:16 2016 -0700 |
tree | 6b9afcfb2dbbcaba109a7b00785f711af576c538 | |
parent | d27a7c1f22b263a3eef5d380c7058c993bd3a451 [diff] |
Prevent HTTPoxy attack (CVE-2016-1000110) Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates that the script is in CGI mode. Issue #27568 Reported and patch contributed by RĂ©mi Rampin.