[Esapi-user] Octet-byte streaming

Luke Biddell luke.biddell at gmail.com
Mon Jul 9 16:02:11 UTC 2012


I'm reading the cheat sheet on "Failure to restrict url access" here .
https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet


One of the things it suggests is

      "Use octet byte streaming instead of providing access to real files
such as PDFs or CSVs or similar"


I've had a google but not come up with any reasonable explanations of the
attack vector here?

Can any of you guys enlighten me?

Thanks as always.

Luke
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20120709/34b1d735/attachment.html>


More information about the Esapi-user mailing list