All, There are various ways the web applications can be attacked using the vectors in http request itself. Attacks like the http response splitting makes use of modifying the request headers itself to exploit the vulnerable applications. Apart from input validation and sanitization at the server side, the question came to my mind if one can make the request headers mutable.
Is it possible to make it immutable ?
Aucun commentaire:
Enregistrer un commentaire