mirror of
https://github.com/asterisk/asterisk.git
synced 2026-07-07 23:29:20 -07:00
444be00e05
To address potential security issues, the httpstatus page is now disabled by default and the echoed query string and cookie output is html-escaped. Resolves: #GHSA-v6hp-wh3r-cwxh UpgradeNote: To prevent possible security issues, the `/httpstatus` page served by the internal web server is now disabled by default. To explicitly enable it, set `enable_status=yes` in http.conf.