Do not use the HTTP_HOST CGI variable,

just make the HTTP redirect Location: relative. Less user input is good, it reduces the attack surface. Besides, this removes one global variable and 4 lines of code. Patch from Sebastien Marie <semarie-openbsd at latrappe dot fr>.
author: Ingo Schwarze <schwarze@openbsd.org> 2014-07-18 19:03:39 +0000
committer: Ingo Schwarze <schwarze@openbsd.org> 2014-07-18 19:03:39 +0000
commit: d06d27331700307ee6ca6040c2bd638cafbeef2e (patch)
tree: 5bc2ef63f9cc3a7779e8cba69337c9bb4eeb21e3 /man.cgi.8
parent: d6b0c874c2cb135687f01f289844fc55b7fe06f1 (diff)
download: mandoc-d06d27331700307ee6ca6040c2bd638cafbeef2e.tar.gz
1 files changed, 0 insertions, 5 deletions
diff --git a/man.cgi.8 b/man.cgi.8
index 9539a43e..624e0207 100644
--- a/man.cgi.8
+++ b/man.cgi.8
@@ -266,11 +266,6 @@ is supported as an alias for
 The web server may pass the following CGI variables to
 .Nm :
 .Bl -tag -width Ds
-.It Ev HTTP_HOST
-The FQDN of the (possibly virtual) host the HTTP server is running on.
-This is used for
-.Ic Location:
-headers in HTTP 303 responses.
 .It Ev PATH_INFO
 The final part of the URI path passed from the client to the server,
 starting after the
author	Ingo Schwarze <schwarze@openbsd.org>	2014-07-18 19:03:39 +0000
committer	Ingo Schwarze <schwarze@openbsd.org>	2014-07-18 19:03:39 +0000
commit	d06d27331700307ee6ca6040c2bd638cafbeef2e (patch)
tree	5bc2ef63f9cc3a7779e8cba69337c9bb4eeb21e3 /man.cgi.8
parent	d6b0c874c2cb135687f01f289844fc55b7fe06f1 (diff)
download	mandoc-d06d27331700307ee6ca6040c2bd638cafbeef2e.tar.gz