Header Injections
Posted: Fri Feb 06, 2009 11:01 am
From the Wiki:
HTTP header injection is a general class of web application security vulnerability which occurs when Hypertext Transfer Protocol (HTTP) headers are dynamically generated based on user input.
I'm not sure I get it though... why would headers ever need to be dynamically generated other than using time() to set the cache expiration, etc?
Certainly redirects are almost always hard-coded. Is this an example of an insecurity being introduced through bad design? Maybe I'm missing something about advanced header usage (admittedly I pretty much send the same headers in every project -- non-cache and redirects). Can someone give me an example as to when you might use dynamic headers so they might be exploited?
Cheers,
Alex
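A worked example for the case the post asks about, added here as an editor's illustration and not code from the original thread or the wiki. A timestamp from time() is not attacker-controlled, so it is not the problem; the dynamic header that is, and by far the most common one, is a post-login redirect whose Location value comes straight from a ?next= parameter in the request. The code builds that redirect twice, once naively and once with validation, and parses the raw response the way a client or proxy would so the effect of a CRLF in the parameter is visible. The function names, the "example.com" host and the attack string are assumptions made for the demonstration.

```python
# Added example for this thread (not code from the original post or the wiki):
# a 302 whose Location header is built from a user-supplied "next" parameter,
# shown first without validation and then hardened. Function names, the
# "example.com" host and the attack string are assumptions for the demo.
from urllib.parse import urlsplit


def build_redirect_vulnerable(next_url: str) -> bytes:
    """Naive 302: whatever the client sent for ?next= is pasted into the header block."""
    return (
        "HTTP/1.1 302 Found\r\n"
        f"Location: {next_url}\r\n"
        "Cache-Control: no-store\r\n"
        "\r\n"
    ).encode("utf-8")


class BadRedirect(ValueError):
    """Raised when a redirect target fails validation."""


def safe_redirect_target(next_url: str, allowed_host: str = "example.com") -> str:
    """Return next_url if it is a safe target, else raise BadRedirect.

    Two independent checks: control characters (what makes header injection
    possible at all) and destination pinning (which closes the open redirect
    that remains even after newlines are stripped).
    """
    # Check the raw string first: urlsplit() in recent Python versions silently
    # drops \t, \r and \n, which would hide exactly the characters we care about.
    if any(ord(ch) < 0x20 or ch == "\x7f" for ch in next_url):
        raise BadRedirect("control character in redirect target")
    parts = urlsplit(next_url)
    if parts.scheme == "" and parts.netloc == "":
        # Site-relative path. Reject "//host" and "/\host", which browsers
        # treat as scheme-relative URLs pointing at another host.
        if not next_url.startswith("/") or next_url[1:2] in ("/", "\\"):
            raise BadRedirect("only site-relative paths are allowed")
        return next_url
    if parts.scheme in ("http", "https") and parts.hostname == allowed_host:
        return next_url
    raise BadRedirect("off-site redirect target")


def is_safe_target(next_url: str, allowed_host: str = "example.com") -> bool:
    """Boolean form of safe_redirect_target, convenient for tests and logging."""
    try:
        safe_redirect_target(next_url, allowed_host)
        return True
    except BadRedirect:
        return False


def build_redirect_hardened(next_url: str, allowed_host: str = "example.com") -> bytes:
    """302 that only ever emits a validated Location value."""
    target = safe_redirect_target(next_url, allowed_host)
    return (
        "HTTP/1.1 302 Found\r\n"
        f"Location: {target}\r\n"
        "Cache-Control: no-store\r\n"
        "\r\n"
    ).encode("utf-8")


def parse_response(raw: bytes):
    """Split a raw response the way a client or proxy does: status line, headers, body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("utf-8").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers, body


# Constructed attack value: the first CRLF ends the Location line, the second
# pair ends the header block, and everything after it becomes the body.
INJECTED_NEXT = "/account\r\nSet-Cookie: session=attacker\r\n\r\n<html>phish</html>"


def demo():
    """Run the attack value through both builders and report what a client would see."""
    _status, headers, body = parse_response(build_redirect_vulnerable(INJECTED_NEXT))
    return {
        "vulnerable_headers": headers,   # attacker's Set-Cookie is now a real header
        "vulnerable_body": body,         # attacker's HTML, then our orphaned Cache-Control
        "hardened_rejects": not is_safe_target(INJECTED_NEXT),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Two points worth noting from running it. First, the naive version does not just gain an extra header: the original Cache-Control line is pushed into the body, so the attacker controls the whole response the client sees, which is why this is also called response splitting. Second, most modern platforms already refuse to emit a header containing a newline (PHP's header() has refused to send more than one header per call since 5.1.2), but that only removes the injection; a Location value taken from the request is still an open redirect unless the destination is pinned, which is what the second check in safe_redirect_target does.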