[users@httpd] query regarding httpd server

Hello team, Is xss attack internally taken care by httpd apache server if yes kindly share the steps to activate for protection against such attack. Thanks and regards tej

[users@httpd] Expose SSL_CLIENT_S_DN_serialNumber (bz#35154)

Hello, Our organisation is setting up httpd with lemonldap to identify our users using smartcards (belgian eID). To do so, we need to access the serialNumber attribute which is not exposed by default. I found a BZ issue [1] with an old patch which I ported to the 2.4.x branch, is this something