mirror of
https://github.com/asterisk/asterisk.git
synced 2026-05-04 20:33:53 +00:00
4681c54147
To address potential security issues, the httpstatus page is now disabled by default and the echoed query string and cookie output is html-escaped. Resolves: #GHSA-v6hp-wh3r-cwxh UpgradeNote: To prevent possible security issues, the `/httpstatus` page served by the internal web server is now disabled by default. To explicitly enable it, set `enable_status=yes` in http.conf.