Abstract
The HTTP response splitting, which is a new attack technique with a large impact on various web environments is discussed. HTTP response splitting enables various attacks such as web cache poisoning, cross-user defacement, page hijacking of user information, and cross-site scripting (XSS). HTTP response splitting attack involves the web server, the target, which interacts with the web server, and the attacker who initiates the attack. The HTTP technique is can only be applied to applications that do not validate their input before embedding it into HTTP response header.
Original language | English |
---|---|
Pages | 50-52 |
Number of pages | 3 |
Volume | 29 |
No | 8 |
Specialist publication | Dr. Dobb's Journal |
State | Published - Aug 2004 |
Externally published | Yes |