Unsafe methods (such as DELETE) should reject requests where the request URI contains a fragment identifier. Otherwise, request by broken clients such as MS Webfolder Client version 10.145.3914.17 may cause unintentional removals of whole collections. Example: - take resource "a/%23b" and DELETE it with the aforementioned client - client submits DELETE to "a/#" - fragment id get stripped, DELETE gets applied to the parent collection (I'd personally prefer httpd to reject all requests with illegal request URIs, but I'm not sure that the removal of what seems to be a workaround for broken clients is acceptable)
*** This bug has been marked as a duplicate of 21799 ***
Oops, wrong bug.
Correct duplicate. *** This bug has been marked as a duplicate of 21779 ***