area/securityhelp wantedpriority/hightech debt
Repository metrics
- Stars
- (27,997 stars)
- PR merge metrics
- (平均マージ 8d) (30d で 378 merged PRs)
説明
The fix for CVE-2019-9900, provided a coarse grained ability to opt-in/out of path normalization. That is, you could either normalize, in which case both normalization was used for matching and transforming the path to the upstream, or not normalize.
Ideally we provide finer grained controls similar to Nginx, where users can opt to normalize for match independent of transforming the path to the upstream.
CC @PiotrSikora
Action item for CVE-2019-9901