| commit | a1c4506c011b071a9aef0145827b51ffe4d5cd60 | |
| author | Eric Wong <normalperson@yhbt.net> | |
| Tue, 6 Dec 2011 02:52:21 +0000 (5 18:52 -0800) | ||
| committer | Eric Wong <normalperson@yhbt.net> | |
| Tue, 6 Dec 2011 02:57:40 +0000 (5 18:57 -0800) | ||
| tree | da6a8fb01b0eb547eee0480270d28b188c9a2b70 | treesnapshot (tar.gz zip) |
| parent | 3a47f23e74a681339f74b21b94241dcfe9542472 | commitdiff |
clogger 1.1.0 - more escaping!
This release fixes potential vulnerabilities when escape
sequences are viewed in certain terminals.
The 0x7F-0xFF byte range is escaped to match behavior of nginx
1.0.9+, as some character sets may have escape characters in
that range.
$cookie_* values are now escaped to be consistent with the
behavior of the $http_cookie value. All users of $cookie_* in
their log format must upgrade (of course there may be no
Clogger users other than myself, and I don't use $cookie_*)
This release fixes potential vulnerabilities when escape
sequences are viewed in certain terminals.
The 0x7F-0xFF byte range is escaped to match behavior of nginx
1.0.9+, as some character sets may have escape characters in
that range.
$cookie_* values are now escaped to be consistent with the
behavior of the $http_cookie value. All users of $cookie_* in
their log format must upgrade (of course there may be no
Clogger users other than myself, and I don't use $cookie_*)
| GIT-VERSION-GEN | diffblobblamehistory |