Merge r549159 from trunk:

      Fix CVE-2006-5752:

* modules/generators/mod_status.c (status_handler): Specify charset in
content-type to prevent browsers doing charset "detection", which
allows an XSS attack.  Use logitem-escaping on the request string to
make it charset-neutral.

Reported by: Stefan Esser <sesser hardened-php.net>
Submitted by: jorton
Reviewed by: jorton, fuankg, rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@556941 13f79535-47bb-0310-9956-ffa450edef68