HTTP request smuggling
HTTP request smuggling is a security exploit on the HTTP protocol that uses inconsistency between the interpretation of Content-length
and/or Transfer-encoding
headers between HTTP server implementations in an HTTP proxy server chain.[1][2]
HTTP |
---|
Request methods |
Header fields |
Status codes |
Security access control methods |
Security vulnerabilities |
References
- "CWE - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') (4.0)". cwe.mitre.org. Retrieved 2020-03-13.
- "What is HTTP request smuggling? Tutorial & Examples | Web Security Academy". portswigger.net. Retrieved 2020-03-13.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.