Introduce request taint-checking concept.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1792169 13f79535-47bb-0310-9956-ffa450edef68
author: Nick Kew <niq@apache.org> 2017-04-21 08:44:06 +0000
committer: Nick Kew <niq@apache.org> 2017-04-21 08:44:06 +0000
commit: 38e269322b2e88d8c52f9aeb1db01ffbcecdcd13 (patch)
tree: bd264d60ee544ccbc907f973cfd09ce72565b8d9 /server/config.c
parent: b517584604ef06d9d07c9d570e3796c811d57b50 (diff)
download: httpd-38e269322b2e88d8c52f9aeb1db01ffbcecdcd13.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/server/config.c b/server/config.c
index 475c064e1d..b4326ff775 100644
--- a/server/config.c
+++ b/server/config.c
@@ -2196,6 +2196,8 @@ AP_CORE_DECLARE(int) ap_parse_htaccess(ap_conf_vector_t **result,
             const char *errmsg;
             ap_directive_t *temptree = NULL;
 
+            /* Mark the request as tainted by .htaccess */
+            r->taint |= AP_TAINT_HTACCESS;
             dc = ap_create_per_dir_config(r->pool);
 
             parms.config_file = f;
author	Nick Kew <niq@apache.org>	2017-04-21 08:44:06 +0000
committer	Nick Kew <niq@apache.org>	2017-04-21 08:44:06 +0000
commit	38e269322b2e88d8c52f9aeb1db01ffbcecdcd13 (patch)
tree	bd264d60ee544ccbc907f973cfd09ce72565b8d9 /server/config.c
parent	b517584604ef06d9d07c9d570e3796c811d57b50 (diff)
download	httpd-38e269322b2e88d8c52f9aeb1db01ffbcecdcd13.tar.gz