[Esapi-user] Octet-byte streaming

Luke Biddell luke.biddell at gmail.com
Mon Jul 9 16:02:11 UTC 2012

I'm reading the cheat sheet on "Failure to restrict url access" here .

One of the things it suggests is

      "Use octet byte streaming instead of providing access to real files
such as PDFs or CSVs or similar"

I've had a google but not come up with any reasonable explanations of the
attack vector here?

Can any of you guys enlighten me?

Thanks as always.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20120709/34b1d735/attachment.html>

More information about the Esapi-user mailing list