mirror of
https://github.com/asterisk/asterisk.git
synced 2026-02-14 04:00:32 +00:00
4681c54147
To address potential security issues, the httpstatus page is now disabled by default and the echoed query string and cookie output is html-escaped. Resolves: #GHSA-v6hp-wh3r-cwxh UpgradeNote: To prevent possible security issues, the `/httpstatus` page served by the internal web server is now disabled by default. To explicitly enable it, set `enable_status=yes` in http.conf.