This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Periodic Table of Vulnerabilities - HTTP Request Splitting
From OWASP
Return to Periodic Table Working View
[hide]
HTTP Request Splitting
Root Cause Summary
insecure coding/HTTP parsing errors/caching
Browser / Standards Solution
Sanitize HTTP requests and responses
Perimeter Solution
- Sanitize HTTP headers
- Avoid HTTP connection sharing
Generic Framework Solution
Sanitize HTTP headers
Custom Framework Solution
None
Custom Code Solution
None
Discussion / Controversy
References
HTTP Message Splitting, Smuggling and Other Animals (Amit Klein, OWASP)