Sophie

Sophie

distrib > * > 2008.0 > x86_64 > by-pkgid > 66dd8410cea698ad8af2319531055d1b > files > 38

apache-2.2.6-8.2mdv2008.0.src.rpm


http://svn.apache.org/viewvc?view=rev&revision=603282 

--- httpd-2.2.3/modules/mappers/mod_imagemap.c.cve5000
+++ httpd-2.2.3/modules/mappers/mod_imagemap.c
@@ -479,13 +479,16 @@ static int imap_reply(request_rec *r, ch
 
 static void menu_header(request_rec *r, char *menu)
 {
-    ap_set_content_type(r, "text/html");
+    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
 
-    ap_rvputs(r, DOCTYPE_HTML_3_2, "<html><head>\n<title>Menu for ", r->uri,
-           "</title>\n</head><body>\n", NULL);
+    ap_rvputs(r, DOCTYPE_HTML_3_2, "<html><head>\n<title>Menu for ", 
+              ap_escape_html(r->pool, r->uri),
+              "</title>\n</head><body>\n", NULL);
 
     if (!strcasecmp(menu, "formatted")) {
-        ap_rvputs(r, "<h1>Menu for ", r->uri, "</h1>\n<hr />\n\n", NULL);
+        ap_rvputs(r, "<h1>Menu for ", 
+                  ap_escape_html(r->pool, r->uri),
+                  "</h1>\n<hr />\n\n", NULL);
     }
 
     return;

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional