Tamper-Data-for-FF-Quantum icon indicating copy to clipboard operation
Tamper-Data-for-FF-Quantum copied to clipboard

Published 20 hours ago verified publisher icon Pamblam

Any workarounds?

Open JavanXD opened this issue 6 years ago • 3 comments

Are you still waiting for a fix from the Mozilla Dev team or would you also be interested in a workaround? I was also thinking of a way to HTTP Request Smuggling the POST body into the header fields with CR LF.

JavanXD avatar Mar 14 '19 16:03 JavanXD

Definitely interested in a workaround.. how would that work exactly?

Pamblam avatar Mar 14 '19 20:03 Pamblam

Just an idea: When we can inject new line character (CRLF) into a header field it could be possible. But I didn't test the webRequest-API yet. Original request: grafik Injected POST-Body as a requestHeaders: grafik

If the Content-Length can be set the old original POST-Body will be ignored.

JavanXD avatar Apr 06 '19 09:04 JavanXD

Sorry for the delay. I tried the method you suggested but it didn't work. I tried it a long time ago but I'm pretty sure this was the result.

fluks avatar Oct 05 '22 14:10 fluks