Global Information Lookup

HTTP request smuggling information

HTTP request smuggling (HRS) is a security exploit on the HTTP protocol that takes advantage of inconsistencies in how the HTTP server implementations in a proxy chain interpret the Content-Length and Transfer-Encoding headers.[1][2] It was first documented in 2005 by Linhart et al.[3]

The Transfer-Encoding header carries a directive that tells the receiver how to interpret the body of the HTTP request; the directive that is common to, and required for, this attack is the chunked transfer encoding.[4] When the Transfer-Encoding header is present, the Content-Length header is supposed to be omitted.[4] The Content-Length header serves a similar purpose with a different syntax: it states the size of the body, in bytes, as the header's value.[5] Vulnerabilities arise when both headers are included in a malicious HTTP request, causing either the front-end or the back-end server to interpret the request incorrectly and thereby bypassing security functions meant to prevent malicious HTTP queries from reaching the server.[6] HTTP request smuggling commonly takes the form of CL.TE, TE.CL, or TE.TE, although more complex attacks using HRS do exist.[6]
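As an added example (not code from the article or its sources), the following Python check computes both framings of a request the way a front-end could before relaying it, and refuses the ambiguous ones: the CL.TE, TE.CL and TE.TE names refer to which header the front-end and the back-end respectively honour, and the function names and the sample request below are constructed for this illustration.

```python
import re  # added example (not the article's code): reject ambiguous CL/TE framing up front

def split_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (start line, [(name, value)], body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.split(b"\r\n")
    # Only SP and HTAB count as optional whitespace; any other byte stays and breaks matching.
    headers = [(n.strip(b" \t").lower(), v.strip(b" \t"))
               for n, _, v in (h.partition(b":") for h in lines[1:])]
    return lines[0], headers, body

def chunked_body_length(body: bytes) -> int:
    """Bytes a chunked decoder consumes, including the terminating zero-size chunk."""
    pos = 0
    while True:
        end = body.index(b"\r\n", pos)  # ValueError if the size line is truncated
        size = int(body[pos:end].split(b";")[0].strip(b" \t"), 16)
        pos = end + 2 + size + 2        # size line CRLF, chunk data, data CRLF
        if pos > len(body):
            raise ValueError("truncated chunk")
        if size == 0:
            return pos

def framing_verdict(raw: bytes) -> dict:
    """Compute both framings; 'reject' means answer 400 and never forward.
    RFC 7230 3.3.3: with both headers present, Transfer-Encoding governs and a
    proxy must not relay the request as received."""
    _, headers, body = split_request(raw)
    cl = [v for n, v in headers if n == b"content-length"]
    te = [v for n, v in headers if n == b"transfer-encoding"]
    verdict = {"content_length": None, "chunked_length": None, "status": "ok"}
    if cl:
        if len(set(cl)) > 1 or not re.fullmatch(rb"[0-9]+", cl[0]):
            verdict["status"] = "reject: conflicting or malformed Content-Length"
            return verdict
        verdict["content_length"] = int(cl[0])
    if te:
        if len(te) > 1 or te[0].lower() != b"chunked":  # catches TE.TE obfuscation
            verdict["status"] = "reject: unrecognized Transfer-Encoding"
            return verdict
        verdict["chunked_length"] = chunked_body_length(body)
    if cl and te:
        verdict["status"] = "reject: Content-Length and Transfer-Encoding both present"
    return verdict

# Constructed CL.TE request: a CL parser takes 6 body bytes, a TE parser stops after 5.
CL_TE_SAMPLE = (b"POST / HTTP/1.1\r\nHost: example.test\r\nContent-Length: 6\r\n"
                b"Transfer-Encoding: chunked\r\n\r\n0\r\n\r\nG")
```

Running `framing_verdict(CL_TE_SAMPLE)` shows the two framings disagreeing (6 versus 5 bytes) and a reject verdict; the same function passes a request that carries only one of the headers.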

  1. "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') (4.0)". cwe.mitre.org. Retrieved 2020-03-13.
  2. "What is HTTP request smuggling? Tutorial & Examples | Web Security Academy". portswigger.net. Retrieved 2020-03-13.
  3. Linhart, Chaim; Klein, Amit; Heled, Ronen; Orrin, Steve (2005). "HTTP request smuggling" (PDF).
  4. "Transfer-Encoding". developer.mozilla.org. Retrieved 2022-12-15.
  5. "Content-Length". developer.mozilla.org. Retrieved 2022-12-15.
  6. "HTTP Request Smuggling". imperva.com. Retrieved 2022-12-15.

26 related pages for: HTTP request smuggling


  1. HTTP request smuggling: HTTP request smuggling (HRS) is a security exploit on the HTTP protocol that takes advantage of an inconsistency between the interpretation of Content-Length...
  2. HTTP: first HTTP version, named 0.9. That version was subsequently developed, eventually becoming the public 1.0. Development of early HTTP Requests for Comments...
  3. HTTP 404: Wide Web. When communicating via HTTP, a server is required to respond to a request, such as a web browser request for a web page, with a numeric response...
  4. HTTP 403: HTTP 403 is an HTTP status code meaning access to the requested resource is forbidden. The server understood the request, but will not fulfill it, if it...
  5. List of HTTP status codes: Hypertext Transfer Protocol (HTTP) response status codes. Status codes are issued by a server in response to a client's request made to the server. It includes...
  6. HTTP 302: changing the request type of the new request to GET, regardless of the type employed in the original request (e.g. POST). For this reason, HTTP/1.1 (RFC 2616)...
  7. HTTP 301: response to a request of any type other than GET or HEAD, the client must ask the user before redirecting. Client request: GET /index.php HTTP/1.1 Host: www...
  8. XMLHttpRequest: XMLHttpRequest (XHR) is an API in the form of a JavaScript object whose methods transmit HTTP requests from a web browser to a web server. The methods...
  9. HTTP persistent connection: receive multiple HTTP requests/responses, as opposed to opening a new connection for every single request/response pair. The newer HTTP/2 protocol uses...
  10. HTTP ETag: The ETag or entity tag is part of HTTP, the protocol for the World Wide Web. It is one of several mechanisms that HTTP provides for Web cache validation...
  11. HTTP 303: been performed, since RFC 2616 (HTTP 1.1). According to RFC 7231, which obsoletes RFC 2616, "A 303 response to a GET request indicates that the origin server...
  12. HTTP header injection: File Download Injection OWASP HTTP request Splitting OWASP Testing for HTTP Splitting/Smuggling HTTP Smuggling in 2015 HTTP request smuggling v t e...
  13. HTTP referer: Search with HTTPS. Most web servers maintain logs of all traffic, and record the HTTP referrer sent by the web browser for each request. This raises...
  14. HTTPS: Because HTTPS piggybacks HTTP entirely on top of TLS, the entirety of the underlying HTTP protocol can be encrypted. This includes the request's URL, query...
  15. List of HTTP header fields: HTTP header fields are a list of strings sent and received by both the client program and server on every HTTP request and response. These headers are...
  16. HTTP pipelining: HTTP pipelining is a feature of HTTP/1.1, which allows multiple HTTP requests to be sent over a single TCP connection without waiting for the corresponding...
  17. HTTP location: header should be sent with an HTTP status code of 3xx. It is passed as part of the response by a web server when the requested URI has: Moved temporarily;...
  18. HTTP 451: networking, HTTP 451 Unavailable For Legal Reasons is a proposed standard error status code of the HTTP protocol to be displayed when the user requests a resource...
  19. HTTP compression: compression schemes it supports by including a list of tokens in the HTTP request. For Content-Encoding, the list is in a field called Accept-Encoding;...
  20. HTTP message body: case of HTTP/0.9 no headers are transmitted). The request/response message consists of the following: Request line, such as GET /logo.gif HTTP/1.1 or Status...
  21. HTTP cookie: attached to each HTTP request by the browser, JWTs must be explicitly attached to each HTTP request by the web application. The HTTP protocol includes...
  22. Byte serving: Byte serving (other names: Range Requests; Byte Range Serving; Page on demand) is the process introduced in HTTP protocol 1.1 of sending only a portion...
  23. Secure Hypertext Transfer Protocol: request. This means that HTTPS implementations without Server Name Indication (SNI) support require a separate IP address per DNS name, and all HTTPS...
  24. HTTP parameter pollution: is protection against HTTP Parameter Pollution. HTTP response splitting HTTP request smuggling Balduzzi et al. 2011, p. 2. "HTTP Parameter Pollution Vulnerabilities...
  25. Content negotiation: Content negotiation refers to mechanisms defined as a part of HTTP that make it possible to serve different versions of a document (or more generally,...
  26. Digest access authentication: and the client would prompt the user again. Client request (no authentication) GET /dir/index.html HTTP/1.0 Host: localhost (followed by a new line, in the...

PDF Search Engine © AllGlobal.net