HTTP request smuggling

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by GünniX (talk | contribs) at 08:40, 19 July 2020 (v2.02 - WP:WCW project (Unbalanced quotes in ref name or illegal character.)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

HTTP request smuggling is a security exploit on the HTTP protocol that uses inconsistencies in how the HTTP server implementations in an HTTP proxy server chain interpret the Content-Length and/or Transfer-Encoding headers.[1][2] It was first documented in 2005, and was repopularized by PortSwigger's research.[3]

Types

CL.TE

In this type of HTTP request smuggling, the front end processes the request using the Content-Length header, while the back end processes the request using the Transfer-Encoding header.[3]

TE.CL

In this type of HTTP request smuggling, the front end processes the request using the Transfer-Encoding header, while the back end processes the request using the Content-Length header.[3]

Prevention

HTTP/2 should be used for back-end connections, and the web servers in the chain should accept the same type of HTTP header.[3]

References

  1. "CWE - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') (4.0)". cwe.mitre.org. Retrieved 2020-03-13.
  2. "What is HTTP request smuggling? Tutorial & Examples | Web Security Academy". portswigger.net. Retrieved 2020-03-13.
  3. "HTTP request smuggling".