[Owasp-appsensor-project] Change to Detection Points - SE6 Change Of User Agent Mid Session

John Melton jtmelton at gmail.com
Wed Jun 9 22:21:04 EDT 2010


I vote for splitting out into a new issue, since the name does denote the
user agent changing, which most people associate w/ that one header, for
better or worse.

On Wed, Jun 9, 2010 at 10:35 AM, Colin Watson <colin.watson at owasp.org> wrote:

> Suggestion to CHANGE an existing detection point.  Has this already
> been ruled out?  Should it be changed?
>
> Source
> -----------------------------------
> Just another idea
>
> Description
> -----------------------------------
> Other headers such as Accept-Encoding and Accept-Language can be used
> to help detect a session being used by someone else.  It could relate
> to public resources too (i.e. unauthenticated users).
>
> 1. Leave name unchanged (i.e. keep as "Change Of User Agent Mid Session")
>
> 2. Change first sentence of description to "The header User-Agent or
> Accept-Encoding or Accept-Language change during an authenticated
> session."
>
> 3. Remove the word "authenticated" from the above sentence?
>
> *** Or split this idea out into a new sensor e.g. SE7? ***
>
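
The header comparison proposed in the quoted message, sketched as an added example that is not part of the original thread or of AppSensor's own code. The class name, the `split_out` and `authenticated_only` options and the sample traffic are assumptions made for illustration; "SE7" is only the tentative identifier floated in the thread.

```python
from dataclasses import dataclass, field

# Headers named in the thread; compared case-insensitively.
WATCHED = ("user-agent", "accept-encoding", "accept-language")

@dataclass
class HeaderChangeDetector:  # hypothetical name, not an AppSensor class
    split_out: bool = False          # True: non-User-Agent changes go to a separate point
    authenticated_only: bool = True  # False: also watch unauthenticated sessions (option 3)
    _baseline: dict = field(default_factory=dict)

    def point_for(self, header):
        if header == "user-agent" or not self.split_out:
            return "SE6"
        return "SE7"  # tentative id from the thread ("e.g. SE7")

    def observe(self, session_id, headers, authenticated):
        """Return [(detection_point, header, old, new)] for one request."""
        if self.authenticated_only and not authenticated:
            return []
        seen = {k.lower(): v.strip() for k, v in headers.items()}
        current = {h: seen.get(h) for h in WATCHED}  # a missing header is None
        previous = self._baseline.setdefault(session_id, current)
        events = [(self.point_for(h), h, previous[h], current[h])
                  for h in WATCHED if previous[h] != current[h]]
        self._baseline[session_id] = current  # report each change once
        return events

def run_sample(detector):
    # Constructed sample traffic: (session id, authenticated, headers)
    requests = [
        ("s1", True, {"User-Agent": "BrowserA/1.0", "Accept-Encoding": "gzip", "Accept-Language": "en-GB"}),
        ("s1", True, {"user-agent": "BrowserA/1.0", "accept-encoding": "gzip", "accept-language": "en-GB"}),
        ("s1", True, {"User-Agent": "BrowserA/1.0", "Accept-Encoding": "gzip", "Accept-Language": "de-DE"}),
        ("s1", True, {"User-Agent": "ToolB/2.0", "Accept-Encoding": "gzip"}),
        ("s2", False, {"User-Agent": "BrowserA/1.0"}),
        ("s2", False, {"User-Agent": "ToolB/2.0"}),
    ]
    out = []
    for sid, auth, hdrs in requests:
        out.extend((sid,) + e for e in detector.observe(sid, hdrs, auth))
    return out

if __name__ == "__main__":
    for event in run_sample(HeaderChangeDetector(split_out=True)):
        print(event)
```

A header that disappears mid-session is reported as a change to `None`, and the baseline is updated after each request so a single change raises one event rather than one per subsequent request.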