HTTP request smuggling

“HTTP Request Smuggling works by taking advantage of the discrepancies in parsing when one or more HTTP devices/entities (e.g. cache server, proxy server, web application firewall, etc.) are in the data flow between the user and the web server. HTTP Request Smuggling enables various attacks – web cache poisoning, session hijacking, cross-site scripting and most importantly, the ability to bypass web application firewall protection.”

Link.

 

One thought on “HTTP request smuggling”

Leave a Reply

Your email address will not be published. Required fields are marked *