HTTP request smuggling: Difference between revisions

Content deleted Content added

Inline

Revision as of 21:43, 8 October 2021

https://ncbiinsights.ncbi.nlm.nih.gov/2020/08/17/insdc-covid-data-sharing/

https://en.wikipedia.org/wiki/Prime_Minister_of_Bangladesh#/media/File:Seal_of_the_Prime_Minister_of_Bangladesh.svg

HTTP request smuggling is a security exploit on the HTTP protocol that uses inconsistency between the interpretation of Content-length and/or Transfer-encoding headers between HTTP server implementations in an HTTP proxy server chain.^[1]^[2] It was first documented in 2005 by Linhart et al.^[3], and was again repopularized by PortSwigger's research.^[4]

Types

CL.TE

In this type of HTTP request smuggling, the front end processes the request using Content-Length header while backend processes the request using Transfer-Encoding header.^[4]

TE.CL

In this type of HTTP request smuggling, the front end processes request using Transfer-Encoding header while backend processes the request using Content-Length header.^[4]

Prevention

HTTP/2 should be used for backend connections and web server accepting same type of HTTP header should be used. ^[4]

References

^ "CWE - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') (4.0)". cwe.mitre.org. Retrieved 2020-03-13.
^ "What is HTTP request smuggling? Tutorial & Examples | Web Security Academy". portswigger.net. Retrieved 2020-03-13.
^ Linhart, Chaim; Klein, Amit; Heled, Ronen; Orrin, Steve (2005). "HTTP request smuggling" (PDF).
^ ^a ^b ^c ^d "HTTP request smuggling".

This computer security article is a stub. You can help Wikipedia by expanding it.

This World Wide Web–related article is a stub. You can help Wikipedia by expanding it.

[1] "CWE - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') (4.0)". cwe.mitre.org. Retrieved 2020-03-13.

[2] "What is HTTP request smuggling? Tutorial & Examples | Web Security Academy". portswigger.net. Retrieved 2020-03-13.

[HRS-3] Linhart, Chaim; Klein, Amit; Heled, Ronen; Orrin, Steve (2005). "HTTP request smuggling" (PDF).

[portswigger1-4] "HTTP request smuggling".

[1]

[2]

[3]

[4]

@@ Line 1: / Line 1: @@
+https://ncbiinsights.ncbi.nlm.nih.gov/2020/08/17/insdc-covid-data-sharing/
-{{short description|Web security vulnerability}}
+https://en.wikipedia.org/wiki/Prime_Minister_of_Bangladesh#/media/File:Seal_of_the_Prime_Minister_of_Bangladesh.svg{{short description|Web security vulnerability}}
 {{HTTP}}
 '''HTTP request smuggling''' is a [[security exploit]] on the [[HTTP]] protocol that uses inconsistency between the interpretation of <code>Content-length</code> and/or <code>Transfer-encoding</code> headers between HTTP server implementations in an [[HTTP proxy server]] chain.<ref>{{Cite web|url=https://cwe.mitre.org/data/definitions/444.html|title=CWE - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') (4.0)|website=cwe.mitre.org|access-date=2020-03-13}}</ref><ref>{{Cite web|url=https://portswigger.net/web-security/request-smuggling|title=What is HTTP request smuggling? Tutorial & Examples {{!}} Web Security Academy|website=portswigger.net|access-date=2020-03-13}}</ref> It was first documented in 2005 by Linhart et al.<ref name="HRS">{{cite web|url=https://www.cgisecurity.com/lib/HTTP-Request-Smuggling.pdf|title=HTTP request smuggling|date=2005|last=Linhart|first=Chaim|last2=Klein|first2=Amit|last3=Heled|first3=Ronen|last4=Orrin|first4=Steve}}</ref>, and was again repopularized by PortSwigger's research.<ref name="portswigger1" />