http icon indicating copy to clipboard operation
http copied to clipboard
verified publisher icon httprb

HTTP header injection

Open tarcieri opened this issue 9 years ago • 0 comments

I think http.rb may be vulnerable to something similar to this:

http://seclists.org/fulldisclosure/2016/Jun/63

I don't think HTTP::URI is properly sanitizing the URL such this won't happen.

tarcieri avatar Jun 27 '16 21:06 tarcieri