- `build.sh all`

author Joe Orton <jorton@apache.org>

Wed, 5 Oct 2011 15:43:18 +0000 (15:43 +0000)

committer Joe Orton <jorton@apache.org>

Wed, 5 Oct 2011 15:43:18 +0000 (15:43 +0000)
author Joe Orton <jorton@apache.org>
Wed, 5 Oct 2011 15:43:18 +0000 (15:43 +0000)
committer Joe Orton <jorton@apache.org>
Wed, 5 Oct 2011 15:43:18 +0000 (15:43 +0000)
diff --git a/docs/manual/mod/mod_proxy.html.en b/docs/manual/mod/mod_proxy.html.en

index 60ece22151c9da5121a92fbbe6f0a8badc9f0964..625cfe1c0c62d078f1b3f9624657faeeeee873fd 100644 (file)
--- a/docs/manual/mod/mod_proxy.html.en
+++ b/docs/manual/mod/mod_proxy.html.en
@@ -1393,6 +1393,15 @@ through</td></tr>
      <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive with the
      <code>[P]</code> flag.</p>
  
+    <div class="warning">
+      <h3>Security Warning</h3>
+      <p>Take care when constructing the target URL of the rule, considering
+        the security impact from allowing the client influence over the set of
+        URLs to which your server will act as a proxy.  Ensure that the scheme
+        and hostname part of the URL is either fixed, or does not allow the
+        client undue influence.</p>
+    </div>
+
  </div>
  <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
  <div class="directive-section"><h2><a name="ProxyPassReverse" id="ProxyPassReverse">ProxyPassReverse</a> <a name="proxypassreverse" id="proxypassreverse">Directive</a></h2>
diff --git a/docs/manual/mod/mod_proxy.xml.ja b/docs/manual/mod/mod_proxy.xml.ja

index 9300953f3953fa71cb5113e39eb469336c3faf31..6e2035d3f02120cf4a8b4c44e64baa1a499498f6 100644 (file)
--- a/docs/manual/mod/mod_proxy.xml.ja
+++ b/docs/manual/mod/mod_proxy.xml.ja
@@ -1,7 +1,7 @@
  <?xml version="1.0" encoding="UTF-8" ?>
  <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
  <?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 344971:1170273 (outdated) -->
+<!-- English Revision: 344971:1179272 (outdated) -->
  
  <!--
   Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/docs/manual/rewrite/flags.html.en b/docs/manual/rewrite/flags.html.en

index 08842b23e13d30f309948779adc54b6dec2880d3..c3591bb5d676ea7ed21e6dd6c7e440049c1fa213 100644 (file)
--- a/docs/manual/rewrite/flags.html.en
+++ b/docs/manual/rewrite/flags.html.en
@@ -483,7 +483,7 @@ example, if you wanted all image requests to be handled by a back-end
  image server, you might do something like the following:</p>
  
  <div class="example"><p><code>
-RewriteRule (.*)\.(jpg|gif|png) http://images.example.com$1.$2 [P]
+RewriteRule /(.*)\.(jpg|gif|png) http://images.example.com/$1.$2 [P]
  </code></p></div>
  
  <p>Use of the [P] flag implies [L] - that is, the request is immediately
@@ -498,6 +498,15 @@ error from the proxy module. Use this flag to achieve a
  more powerful implementation of the <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code> directive,
  to map remote content into the namespace of the local server.</p>
  
+<div class="warning">
+<h3>Security Warning</h3>
+<p>Take care when constructing the target URL of the rule, considering
+the security impact from allowing the client influence over the set of
+URLs to which your server will act as a proxy.  Ensure that the scheme
+and hostname part of the URL is either fixed, or does not allow the
+client undue influence.</p>
+</div>
+
  <p>Note: <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> must be enabled in order
  to use this flag.</p>
author	Joe Orton <jorton@apache.org>
	Wed, 5 Oct 2011 15:43:18 +0000 (15:43 +0000)
committer	Joe Orton <jorton@apache.org>
	Wed, 5 Oct 2011 15:43:18 +0000 (15:43 +0000)
docs/manual/mod/mod_proxy.html.en		patch \| blob \| history
docs/manual/mod/mod_proxy.xml.ja		patch \| blob \| history
docs/manual/rewrite/flags.html.en		patch \| blob \| history