From 31d85243ba13abebc7df77de696c6418c29c3953 Mon Sep 17 00:00:00 2001
From: Joe Orton <jorton@apache.org>
Date: Wed, 5 Oct 2011 15:40:08 +0000
Subject: [PATCH] - add note here in light of CVE-2011-3368

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1179272 13f79535-47bb-0310-9956-ffa450edef68
---
 docs/manual/mod/mod_proxy.xml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/docs/manual/mod/mod_proxy.xml b/docs/manual/mod/mod_proxy.xml
index 0254f29561..d694301e4a 100644
--- a/docs/manual/mod/mod_proxy.xml
+++ b/docs/manual/mod/mod_proxy.xml
@@ -1220,6 +1220,15 @@ expressions</description>
     <p>If you require a more flexible reverse-proxy configuration, see the
     <directive module="mod_rewrite">RewriteRule</directive> directive with the
     <code>[P]</code> flag.</p>
+
+    <note type="warning">
+      <title>Security Warning</title>
+      <p>Take care when constructing the target URL of the rule, considering
+        the security impact from allowing the client influence over the set of
+        URLs to which your server will act as a proxy.  Ensure that the scheme
+        and hostname part of the URL is either fixed, or does not allow the
+        client undue influence.</p>
+    </note>
 </usage>
 </directivesynopsis>
 
-- 
2.40.0