[Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting
Stefano Di Paola
stefano.dipaola at wisec.it
Wed Apr 25 17:28:36 EDT 2007
Il giorno mer, 25/04/2007 alle 23.38 +0200, Amit Klein ha scritto:
> I think you mean
> http://www.securityfocus.com/archive/1/411585
> ("Exploiting the XmlHttpRequest object in IE - Referrer spoofing, and a
> lot more...")
> It's there where I first used the term "HTTP Request Splitting". The
> Smuggling paper doesn't really mention client-side aided attacks.
Yup! fixed on my site. Thanks a lot!
Stefano
--
...oOOo...oOOo....
Stefano Di Paola
Software & Security Engineer
Web: www.wisec.it
..................
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Questa =?ISO-8859-1?Q?=E8?= una parte del messaggio
firmata digitalmente
Url : http://lists.owasp.org/pipermail/webappsec/attachments/20070425/14a08f5c/attachment.bin
More information about the Webappsec
mailing list