Host of Troubles: Multiple Host Ambiguities in HTTP Implementations

ACM Conference on Computer and Communications Security, pp. 1516-1527, 2016.

Cited by: 16|Bibtex|Views45|DOI:https://doi.org/10.1145/2976749.2978394
EI
Other Links: dblp.uni-trier.de|dl.acm.org|academic.microsoft.com

Abstract:

The Host header is a security-critical component in an HTTP request, as it is used as the basis for enforcing security and caching policies. While the current specification is generally clear on how host-related protocol fields should be parsed and interpreted, we find that the implementations are problematic. We tested a variety of widel...More

Code:

Data:

Full Text
Your rating :
0

 

Tags
Comments