shiflett wrote:
> The attack really is called HTTP Response Splitting, although some other names floating around are HTTP Header Injection, HTTP Request Smuggling, and CRLF Injection (ordered from most to least popular alternatives). Sometimes, renames happen when a company wants to be credited with the discovery (e.g., hoping the new name catches on more than the original). Sometimes, it's because the original name is somewhat misleading. Regardless, these efforts really just confuse the whole discipline of web application security. I try to use the original names whenever possible.

But, the PDF which is referred to in webappsec.org, whitedust.org and nearly everywhere, and which I take to be the first piece of work on this issue, calls it HTTP Request Smuggling...
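An added illustration, not code from the thread or from any poster, of why the names listed above (HTTP Response Splitting, HTTP Header Injection, CRLF Injection) describe one defect: a CR/LF that reaches a response header lets a single server response be read as two. The redirect builder, the header check and the tainted sample value are all constructed for this example.

```python
"""One defect, three names: a CR/LF in a header value splits the response."""
import re

CRLF = "\r\n"


def naive_redirect(location: str) -> str:
    """Vulnerable (for illustration): copies the value into the header unchecked."""
    return ("HTTP/1.1 302 Found" + CRLF
            + "Location: " + location + CRLF
            + "Content-Length: 0" + CRLF + CRLF)


def header_safe(value: str) -> str:
    """Hardened: a header value may not carry CR, LF or NUL (RFC 7230 field rules)."""
    if re.search(r"[\r\n\x00]", value):
        raise ValueError("control characters in header value")
    return value


def safe_redirect(location: str) -> str:
    """Same redirect, but the Location value is validated first."""
    return naive_redirect(header_safe(location))


def rejects(location: str) -> bool:
    """True if the hardened builder refuses this value."""
    try:
        safe_redirect(location)
    except ValueError:
        return True
    return False


def count_responses(raw: str) -> int:
    """Count status lines at the start of a line in the byte stream; 2 means split."""
    return len(re.findall(r"(?m)^HTTP/1\.[01] \d{3} ", raw))


# Constructed sample: a redirect target carrying an embedded blank line and a
# second status line, the shape of input that triggers the split.
TAINTED = ("/home" + CRLF + CRLF
           + "HTTP/1.1 200 OK" + CRLF + "Content-Length: 0" + CRLF + CRLF)

if __name__ == "__main__":
    print(count_responses(naive_redirect("/home")))   # 1: one response
    print(count_responses(naive_redirect(TAINTED)))   # 2: response was split
    print(rejects(TAINTED), rejects("/home"))         # True False
```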
xss help
- n00b Saibot
- DevNet Resident
- Posts: 1452
- Joined: Fri Dec 24, 2004 2:59 am
- Location: Lucknow, UP, India
- Contact:
If I even tried to understand half of what you guys are talking about, I'd drive myself insane. I understand that I will never be truly 100% secure, but reading about something and knowing it exists as a potential threat, and not doing anything about it, bugs the crap out of me!
Now, thanks to this topic, I'm going to be spending my next hour googling.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
- n00b Saibot
- DevNet Resident
- Posts: 1452
- Joined: Fri Dec 24, 2004 2:59 am
- Location: Lucknow, UP, India
- Contact:
scrotaye wrote:
> If I even tried to understand half of what you guys are talking about, I'd drive myself insane. I understand that I will never be truly 100% secure, but reading about something and knowing it exists as a potential threat, and not doing anything about it, bugs the crap out of me!
> Now, thanks to this topic, I'm going to be spending my next hour googling.

good for you
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
It's not too hard to follow really - just stay current with the security issues. I suppose you could stalk Chris if you really want to stay up to date. That might be a bit weird though, so his blog is probably a safer bet...
He also has a mountain (well, a sizeable hill) of free articles posted over on http://shiflett.org/articles . They're excellent first references since they're not overdone.

> It's great to see articles a 5 year old could understand - the simplicity stands you in good stead.

Glad you liked it.
n00b Saibot wrote:
> But, the PDF which is referred to in webappsec.org, whitedust.org and nearly everywhere and which I take to be the first piece of work on this issue calls it HTTP Request Smuggling.

I can't get to the original PDF anymore, because my requests for sanctuminc.com are redirected to watchfire.com. Are you sure about that? As for why you might see a different name elsewhere, I mentioned a few reasons for this:

shiflett wrote:
> Sometimes, renames happen when a company wants to be credited with the discovery (e.g., hoping the new name catches on more than the original). Sometimes, it's because the original name is somewhat misleading.

I've never heard of whitedust.org (I can't connect to that domain either), so I can't presume to guess their intentions. I should also add a third possibility - sometimes people independently discover an exploit and don't realize that it has already been discovered.

Maugrim_The_Reaper wrote:
> It's great to see articles a 5 year old could understand - the simplicity stands you in good stead.

Glad to hear it. :-)
One of the reviews for my book made me question whether it would be better to elaborate more, since the review is overall complimentary but describes the book as being a little too advanced for beginners. I usually feel successful when people are completely unimpressed and come away thinking the thing I've described is easy.
Shameless plug:
http://www.amazon.com/exec/obidos/ASIN/ ... hiflett-20
The review I'm referring to is by John A. Suda.
- n00b Saibot
- DevNet Resident
- Posts: 1452
- Joined: Fri Dec 24, 2004 2:59 am
- Location: Lucknow, UP, India
- Contact:
shiflett wrote:
> I can't get to the original PDF anymore, because my requests for sanctuminc.com are redirected to watchfire.com. Are you sure about that?

I have saved the original PDF.

shiflett wrote:
> I've never heard of whitedust.org (I can't connect to that domain either), so I can't presume to guess their intentions.

I have posted the link to its article on this topic in my previous post [page 2], and sorry, that's whitedust.net.

shiflett wrote:
> I should also add a third possibility - sometimes people independently discover an exploit and don't realize that it has already been discovered.

Hmmm... there could be a possibility...