
OWASP Periodic Table of Vulnerabilities - HTTP Request/Response Smuggling

Revision as of 21:06, 20 July 2013 by James Landis (talk | contribs)


HTTP Request/Response Smuggling

Root Cause Summary

Malformed HTTP requests and responses are interpreted differently by proxies, web servers, or other systems which process HTTP along the request/response path. This can allow a request or response to bypass proxy filters or rules, poison caches, or cause the response from one request to be incorrectly matched with another.

Browser / Standards Solution

Tighten RFC standards to describe precise behavior for malformed request/response data, including rules for handling duplicate headers.

Perimeter Solution

  • Sanitize all HTTP headers, especially duplicates, by enforcing strict adherence to the RFC
    • Sanitize both HTTP requests and responses
  • Avoid HTTP connection sharing
  • Enforce SSL to prevent proxy tampering
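As an added example (not OWASP's code and not from this page), the header sanitization step above written as a strict request-head validator in Python, of the kind a perimeter proxy could run before forwarding: it rejects the framing ambiguities (duplicate or conflicting length headers, loose header syntax) that let two hops disagree about where one message ends. The sample requests, the `app.example` host and the check names are constructed for illustration.

```python
import re

# Added example, not OWASP's code: a strict request-head validator of the kind a
# perimeter proxy could run before forwarding. It flags the ambiguities that let
# two hops along the path disagree about where one request ends and the next begins.

_TOKEN = re.compile(rb"[!#$%&'*+.^_`|~0-9A-Za-z-]+")   # RFC 7230 token
_REQUEST_LINE = re.compile(rb"[A-Z]+ \S+ HTTP/1\.[01]")

def validate_request_head(raw: bytes) -> list[str]:
    """Return the reasons this request head is ambiguous; an empty list means accept."""
    problems = []
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        return ["header block not terminated by CRLF CRLF"]
    lines = head.split(b"\r\n")
    if any(b"\n" in line for line in lines):
        problems.append("bare LF inside header block")
    if not _REQUEST_LINE.fullmatch(lines[0]):
        problems.append("malformed request line")
    headers = []
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):
            problems.append("obsolete line folding")  # deprecated in RFC 7230
            continue
        name, colon, value = line.partition(b":")
        if not colon or not _TOKEN.fullmatch(name):
            # covers "Content-Length : 5" (space before the colon) and garbage lines
            problems.append("malformed header field: %r" % line)
            continue
        headers.append((name.lower(), value.strip()))
    cl = [v for n, v in headers if n == b"content-length"]
    te = [v for n, v in headers if n == b"transfer-encoding"]
    if cl and te:
        problems.append("Content-Length and Transfer-Encoding both present")
    if len(cl) > 1:
        problems.append("duplicate Content-Length")
    if any(not v.isdigit() for v in cl):
        problems.append("non-numeric Content-Length")
    codings = [c.strip().lower() for v in te for c in v.split(b",")]
    if te and codings[-1] != b"chunked":
        problems.append("Transfer-Encoding does not end with chunked")
    return problems

# Constructed sample requests (not from the page).
CLEAN = b"POST /login HTTP/1.1\r\nHost: app.example\r\nContent-Length: 5\r\n\r\nhello"
AMBIGUOUS = (b"POST /login HTTP/1.1\r\nHost: app.example\r\n"
             b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n")
```

A proxy that applies this would answer a non-empty result with a 400 rather than forwarding, and the same checks apply unchanged to the status line and headers of upstream responses.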

Generic Framework Solution

None

Custom Framework Solution

None

Custom Code Solution

None

Discussion / Controversy

Framework-level solutions for addressing correct CRLF behavior and preventing header manipulation are covered under the OWASP Periodic Table of Vulnerabilities - HTTP Response Splitting entry.

References

  • HTTP Request Smuggling
  • HTTP Message Splitting, Smuggling and Other Animals (Amit Klein, OWASP)
  • Message Header Extensions (RFC)
  • Response Smuggling (WASC)