Welcome! Log In Create A New Profile

Advanced

[ANNOUNCE] ngx_xss v0.02: fixed a bug to prevent responses from gzipping

Previous Message Next Message
Forum List Message List New Topic Print View
agentzh
June 22, 2010 05:48AM
Hi, all~

I'm glad to announce the v0.02 release of the ngx_xss module:

http://github.com/agentzh/xss-nginx-module/tarball/v0.02

This module provides native cross-site scripting (XSS) support in
nginx, and cross-site GET via JSONP in particular. Please visit the
project homepage for more details:

http://github.com/agentzh/xss-nginx-module

This release fixes a nasty bug in Content-Type header handling. The
previous version does not clear r->headers_out.content_type_lowcase
which sadly prevents responses from being compressed by the
ngx_http_gzip_filter_module if configured.

Thanks my teammate kindy++ for catching it in our production environment :P

Cheers,
-agentzh

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://nginx.org/mailman/listinfo/nginx-devel
Reply Quote
RSS
Subject Author Views Posted

[ANNOUNCE] ngx_xss v0.02: fixed a bug to prevent responses from gzipping

agentzh 2956 June 22, 2010 05:48AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 282
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready