On Sunday 11 May 2014 06:25:53 B.R. wrote:
[..]
> What is the benefit of having those unescaped control characters in a log
> file? Escaping them allows you to warn about their presence safely... and
> that is directly exploitable by anything, once again safely.
The benefit is that you can easily find in error/debug log exactly what
a client has sent with binary precision, and therefore better diagnose
a problem. And this actually is the main purpose of error log (normally
it's just empty).
wbr, Valentin V. Bartenev
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx