Release of the lighttpd 1.4.54 HTTP server with URL normalization enabled

The lightweight HTTP server lighttpd 1.4.54 has been released. The new version contains 149 changes, most notably URL normalization enabled by default, a rework of mod_webdav, and performance optimization work.

Starting with lighttpd 1.4.54, the server's behavior related to URL normalization when processing HTTP requests has changed. Options for strict checking of values in the Host header are activated, and normalization of URLs passed in headers and blocking of URLs containing unprintable control characters are enabled as well. Normalization includes automatic conversion of '\' to '/', '%2F' to '/' and '%20' to '+', resolution and removal of '.' and '..' directory components in file paths, and decoding of the escaped characters '-', '.', '_' and '~'.

If desired, URL processing behavior can be changed in the configuration with the options "header-strict", "host-strict", "host-normalize", "url-normalize", "url-normalize-unreserved", "url-normalize-required", "url-ctrls-reject", "url-path-2f-decode", "url-path-dotseg-remove" and "url-query-20-plus", which are already set to "enable".
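The normalization steps listed above, sketched in Python as an added example; this is not lighttpd's code and not part of the original article. The function names, the order of the steps and the rejection of percent-encoded control characters are assumptions, '%20' is rewritten only in the query string (as the option name url-query-20-plus suggests), and unreserved decoding covers the full RFC 3986 unreserved set rather than only the four characters listed.

```python
import re
import string

# Illustration of the steps the article lists; not lighttpd's implementation.
UNRESERVED = set(string.ascii_letters + string.digits + "-._~")
_PCT = re.compile(r"%([0-9A-Fa-f]{2})")

class RejectedURL(ValueError):
    """Request target refused instead of normalized."""

def _decode_unreserved(text):
    # Decode %XX only for unreserved characters; uppercase the hex of the rest.
    def repl(m):
        ch = chr(int(m.group(1), 16))
        return ch if ch in UNRESERVED else "%" + m.group(1).upper()
    return _PCT.sub(repl, text)

def _remove_dot_segments(path):
    out = []
    for seg in path.split("/")[1:]:
        if seg == "..":
            del out[-1:]               # drop the parent; never climbs above "/"
        elif seg != ".":
            out.append(seg)
    result = "/" + "/".join(out)
    if path.rsplit("/", 1)[-1] in (".", "..") and not result.endswith("/"):
        result += "/"                  # a trailing "." or ".." names a directory
    return result

def normalize_target(target):
    # Control characters, raw or percent-encoded, are rejected, not repaired.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        raise RejectedURL("raw control character")
    if any(int(h, 16) < 0x20 or int(h, 16) == 0x7F for h in _PCT.findall(target)):
        raise RejectedURL("encoded control character")
    path, sep, query = target.partition("?")
    path = path.replace("\\", "/")                          # '\'   -> '/'
    path = re.sub(r"%2f", "/", path, flags=re.IGNORECASE)   # '%2F' -> '/'
    path = _decode_unreserved(path)                         # '%2E' -> '.', '%7E' -> '~'
    if not path.startswith("/"):
        raise RejectedURL("path must start with '/'")
    path = _remove_dot_segments(path)
    query = _decode_unreserved(query).replace("%20", "+")   # '%20' -> '+'
    return path + sep + query

if __name__ == "__main__":
    # Constructed sample request targets (not taken from any real log).
    for t in ["/static/%2e%2e/admin/", "/app\\..%2Fsecret.txt?q=a%20b", "/%7Euser/a%2db"]:
        print(t, "->", normalize_target(t))
```

Access rules that match on the path should be evaluated against the normalized form, since several different spellings of a request target collapse to the same file path.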

Other changes include a complete overhaul of the mod_webdav module, which made it possible to achieve full compliance with the specifications and to improve performance and reliability. Among the compatibility-breaking changes in mod_webdav is the blocking of incomplete PUT requests. mod_auth adds support for the SHA-256 algorithm for hashing authentication parameters (HTTP Auth Digest).
A new module, mod_maxminddb, is recommended as a replacement for mod_geoip (mod_geoip has been removed).

Source: opennet.ru
