Mark, On 2/6/14, 6:37 AM, Mark Thomas wrote: > Mitigation: > [...] > - Limit the size of the Content-Type header to less than 4091 bytes
Just confirming that I've read this properly: limiting the size of the content-type *header* to 4901 bytes? So, don't accept "Content-Type: [4k worth of data]" as a header? Thanks, -chris
signature.asc
Description: OpenPGP digital signature
