HTTP response splitting

Amit Klein, Steve Orrin

Research output: Contribution to specialist publicationArticle

Abstract

The HTTP response splitting, which is a new attack technique with a large impact on various web environments is discussed. HTTP response splitting enables various attacks such as web cache poisoning, cross-user defacement, page hijacking of user information, and cross-site scripting (XSS). HTTP response splitting attack involves the web server, the target, which interacts with the web server, and the attacker who initiates the attack. The HTTP technique is can only be applied to applications that do not validate their input before embedding it into HTTP response header.

Original languageEnglish
Pages50-52
Number of pages3
Volume29
No8
Specialist publicationDr. Dobb's Journal
StatePublished - Aug 2004
Externally publishedYes

Fingerprint

Dive into the research topics of 'HTTP response splitting'. Together they form a unique fingerprint.

Cite this