W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2008

(issue 77) - concrete security issues

From: Amit Klein <aksecurity@gmail.com>
Date: Thu, 11 Sep 2008 22:06:49 +0200
Message-ID: <48C97A59.7090404@gmail.com>
To: ietf-http-wg@w3.org


A somewhat special case of this issue is exploitable, see 'The CRLF SP 
CRLF trick' in 
http://www.cgisecurity.com/lib/HTTP-Request-Smuggling.pdf. So I'm all in 
for eliminating this whole continuation thingy.

Received on Thursday, 11 September 2008 19:02:50 GMT

This message: [ Message body ]
Next message: Amit Klein: "(issue 95) - security considerations"
Previous message: Amit Klein: "(issue 30) - concrete security-related examples"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:22:29 GMT