From 46e8fd1eb7bbb5d8aaaf8b10ab9dfcba9eeeab48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc=20W=C3=BCrth?= <ravage@bluewin.ch>
Date: Tue, 19 Jul 2016 16:23:27 +0200
Subject: [PATCH] Add fix for the httpoxy vulnerability

Refs https://github.com/cakephp/cakephp/issues/9137#issuecomment-233637635
---
 app/webroot/.htaccess | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/app/webroot/.htaccess b/app/webroot/.htaccess
index 1d499ba73..e3543be40 100644
--- a/app/webroot/.htaccess
+++ b/app/webroot/.htaccess
@@ -1,3 +1,9 @@
+# Uncomment the following to prevent the httpoxy vulnerability
+# See: https://httpoxy.org/
+#<IfModule mod_headers.c>
+#	RequestHeader unset Proxy
+#</IfModule>
+
 <IfModule mod_rewrite.c>
 	RewriteEngine On
 	RewriteCond %{REQUEST_FILENAME} !-d