revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-09-21 01:38:48 +02:00
Code Issues Releases Wiki Activity
phorge-phorge/src/aphront
History
epriestley e8a7d8a905 Provide software protections for HTTP response splitting 
Summary:
This addresses a few things:

  - Provide a software HTTP response spliting guard as an extra layer of
security, see http://news.php.net/php.internals/57655 and who knows what HPHP/i
does.
  - Cleans up webroot/index.php a little bit, I want to get that file under
control eventually.
  - Eventually I want to collect bytes in/out metrics and this allows us to do
that easily.
  - We may eventually want to write to a socket or do something else like that,
ala Litespawn.

Test Plan:
  - Ran unit tests.
  - Browsed around, checked headers and HTTP status codes.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1564
2012-02-06 09:59:34 -08:00
..
applicationconfiguration Automatically redirect 404's that wouldn't be 404s if they had a trailing slash 2011-04-04 10:29:46 -07:00
console Minor, fix number_format() warning. 2012-01-05 09:09:36 -08:00
controller Modularize oauth. 2011-02-27 20:38:11 -08:00
default Clean up initialization of Differential Show More Behavior in Maniphest 2012-02-03 13:58:58 -08:00
exception Fix conservative CSRF token cycling limit 2011-07-14 08:09:40 -07:00
mapper Import some code, some of which may be relevant to the project. 2011-01-17 19:31:39 -08:00
request Improve error message for Conduit path problems 2012-01-16 11:48:21 -08:00
response Improve Differential handling of disabled users 2012-01-17 09:27:19 -08:00
sink Provide software protections for HTTP response splitting 2012-02-06 09:59:34 -08:00
writeguard Create AphrontWriteGuard, a backup mechanism for CSRF validation 2011-08-16 13:29:57 -07:00