mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-24 15:52:41 +01:00
No description
4da3b096b0
Summary: Since Apache HTTP Server 2.4.61 including https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/mappers/mod_rewrite.c?r1=1918560&r2=1918561&pathrev=1918561&diff_format=h due to https://www.cve.org/CVERecord?id=CVE-2024-38474, URIs including %3F throw a HTTP 403 error and the following error log entry: `AH10508: Unsafe URL with %3f URL rewritten without UnsafeAllow3F` Update the corresponding RewriteRule in the Phorge configuration guide to explicitly set UnsafeAllow3F. https://httpd.apache.org/docs/2.4/rewrite/flags.html#flag_unsafe_allow_3f Closes T15889 Test Plan: Run Apache HTTP Server 2.4.61, go to https://phorge.localhost/maniphest/task/edit/form/default/?title=%3f and get a HTTP 403 (before) or a "?" as task title (after). Reviewers: O1 Blessed Committers, valerio.bozzolan Reviewed By: O1 Blessed Committers, valerio.bozzolan Subscribers: tobiaswiese, valerio.bozzolan, Matthew, Cigaryno Maniphest Tasks: T15889 Differential Revision: https://we.phorge.it/D25739 |
||
|---|---|---|
| bin | ||
| conf | ||
| externals | ||
| resources | ||
| scripts | ||
| src | ||
| support | ||
| webroot | ||
| .arcconfig | ||
| .arclint | ||
| .arcunit | ||
| .editorconfig | ||
| .gitignore | ||
| LICENSE | ||
| NOTICE | ||
| README.md | ||
Phorge is a collection of web applications which help software companies build better software.
Phorge is a community-maintained fork of Phabricator.
Phorge includes applications for:
- reviewing and auditing source code;
- hosting and browsing repositories;
- tracking bugs;
- managing projects;
- conversing with team members;
- assembling a party to venture forth;
- writing stuff down and reading it later;
- hiding stuff from coworkers; and
- also some other things.
Phorge is developed and maintained by The Phorge Team.
LICENSE
Phorge is released under the Apache 2.0 license except as otherwise noted.