[Owasp-appsensor-project] Change to Detection Points - SE6 Change Of User Agent Mid Session
colin.watson at owasp.org
Fri Jun 11 04:44:35 EDT 2010
On 11 June 2010 00:17, Michael Coates <michael.coates at owasp.org> wrote:
> I think I'd rather go with Colin's change suggestion. I don't really want 2
> or 3 detection points all trying to capture the same idea and only differing
> by the header value they are discussing. We can help educate people here at
> the same time :)
> Michael Coates
> On 6/9/10 7:21 PM, John Melton wrote:
> I vote for splitting out into a new issue, since the name does denote the
> user agent changing, which most people associate w/ that one header, for
> better or worse.
> On Wed, Jun 9, 2010 at 10:35 AM, Colin Watson <colin.watson at owasp.org>
>> Suggestion to CHANGE an existing detection point. Has this already
>> been ruled out? Should it be changed?
>> Just another idea
>> Other headers such as Accept-Encoding and Accept-Language can be used
>> to help detect a session being used by someone else. It could relate
>> to public resources too (i.e. unauthenticated users).
>> 1. Leave name unchanged (i.e. keep as "Change Of User Agent Mid Session")
>> 2. Change first sentence of description to "The header User-Agent or
>> Accept-Encoding or Accept-Language change during an authenticated
>> 3. Removed the word "authenticated" from above sentence?
>> *** Or split this idea out into a new sensor e.g. SE7? ***
>> Owasp-appsensor-project mailing list
>> Owasp-appsensor-project at lists.owasp.org
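The check the thread discusses, as an added example that is not part of the original messages or of the AppSensor project's code: a per-session monitor that records User-Agent, Accept-Encoding and Accept-Language on the first request and reports any later change. The class name, the event tuple layout, the sample traffic and the choice to label every change "SE6" (the thread leaves open whether the extra headers belong in a new sensor) are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Headers named in the thread as candidates for this detection point.
WATCHED_HEADERS = ("User-Agent", "Accept-Encoding", "Accept-Language")


@dataclass
class HeaderChangeDetector:
    """Pins the watched headers seen on a session's first request and reports drift."""
    authenticated_only: bool = True  # suggestion 3 in the thread would set this False
    _baseline: dict = field(default_factory=dict)

    def observe(self, session_id, headers, authenticated):
        """Return (detection_point, header, first_seen, now) tuples for one request."""
        if self.authenticated_only and not authenticated:
            return []
        # Header names are case-insensitive; an absent header is recorded as None.
        lowered = {k.lower(): v.strip() for k, v in headers.items()}
        current = {h: lowered.get(h.lower()) for h in WATCHED_HEADERS}
        # The baseline is never overwritten, so every later mismatch is reported.
        baseline = self._baseline.setdefault(session_id, current)
        return [("SE6", h, baseline[h], current[h])
                for h in WATCHED_HEADERS if baseline[h] != current[h]]

    def forget(self, session_id):
        """Drop the baseline on logout or when the session identifier is rotated."""
        self._baseline.pop(session_id, None)


# Constructed sample traffic: (session id, authenticated?, request headers).
BROWSER = {"User-Agent": "ExampleBrowser/1.0",
           "Accept-Encoding": "gzip, deflate", "Accept-Language": "en-GB"}
SAMPLE_REQUESTS = [
    ("s1", True, BROWSER),
    ("s1", True, {k.lower(): v for k, v in BROWSER.items()}),  # same values, other case
    ("s1", True, {**BROWSER, "Accept-Encoding": "identity", "Accept-Language": "fr-FR"}),
    ("s2", False, {"User-Agent": "ToolA/2.0"}),
    ("s2", False, {"User-Agent": "ToolB/9.9"}),
]


def run(detector):
    """Feed the sample traffic through a detector and collect its events."""
    events = []
    for sid, authed, headers in SAMPLE_REQUESTS:
        events += [(sid,) + e for e in detector.observe(sid, headers, authed)]
    return events


if __name__ == "__main__":
    for event in run(HeaderChangeDetector(authenticated_only=False)):
        print(event)
```

With `authenticated_only=True` only the s1 changes are reported; setting it to `False` also covers the unauthenticated s2 session, which is the "public resources" case raised in the thread.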