Web Security Research- Alex's Corner: HTTP Range & Request-Range Request Headers - Dave's Blog

Search
My timeline on Mastodon

Web Security Research- Alex's Corner: HTTP Range & Request-Range Request Headers

2008 May 2, 1:55Avoid sniffing using the HTTP range header: "...if we have an application...which protects against FindMimeFromData XSS attacks by searching the first 256 bytes for certain strings, then we can simply place our strings after the first 256 bytes and get FlPermalinkCommentsvia:swannman http http-header range xss security
Creative Commons License Some rights reserved.