projects
/
fusionforge
/
fusionforge.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
project home
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Block potential XSS/XST attacks by restricting allowed HTTP methods (inspired by...
[fusionforge/fusionforge.git]
/
gforge
/
etc
/
httpd.d
/
07maindirhttp.ssl
diff --git
a/gforge/etc/httpd.d/07maindirhttp.ssl
b/gforge/etc/httpd.d/07maindirhttp.ssl
index e05cd2590b48002fb424e21aafe4c0f21275d953..5eae09490776df4271d056ae9299fa5e86fdcb94 100644
(file)
--- a/
gforge/etc/httpd.d/07maindirhttp.ssl
+++ b/
gforge/etc/httpd.d/07maindirhttp.ssl
@@
-65,5
+65,9
@@
Order allow,deny
allow from all
</Directory>
+
+ <LimitExcept GET POST HEAD>
+ deny from all
+ </LimitExcept>
</VirtualHost>