
Artur Ejsmont's Blog:
HTTP response splitting and mail headers splitting attacks
November 15, 2010 @ 10:57:16

In a recent post to his blog, Artur Ejsmont looks at an attack that could leave a hole open in your PHP-based application for cross-site scripting (XSS) and injected headers: HTTP response splitting (and the related mail header splitting).

There are two similar security issues, both taken care of by the Suhosin patch and strict escaping/encoding rules. They both relate to injecting new lines into headers of network protocols. They are not very well known and I think it's worth mentioning them. HTTP response splitting is a web-based attack where a hacker manages to trick the server into injecting new lines into response headers along with arbitrary code. If you use GET/POST parameters in headers like Cookie or Location, then someone could provide new lines with an XSS attack.

He gives some examples of how the attack works through the header() function when values from the superglobals are passed through unchecked (for instance, a value placed on the URL and read back from $_GET). To prevent the attack, you have to ensure that no newlines or other special characters make it into headers or cookies. He also mentions that the Suhosin patch takes care of the issue automatically.
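To make the "no special characters in headers" rule concrete, here is an added example (written for this summary, not taken from Artur Ejsmont's post) that contrasts the unsafe pattern of passing request data straight into header() with a hardened version, and applies the same check to a mail() header. The attacker-style input is constructed for the demonstration; the function names redirect_vulnerable, header_safe, redirect_hardened and mail_header_safe are assumptions of this example. Note that since PHP 5.1.2 header() itself refuses a value containing a newline, so the first pattern is only exploitable on older or patched-out builds; the input validation is still worth doing, because it lets you log and alert on the attempt instead of silently dropping a header.

```php
<?php
// Added example (not from the original post): how a newline in user input
// turns one header into several, and how to block it.

// Constructed attacker-style input: a redirect target followed by an injected
// line break and an extra header line. In a query string this would arrive as
// "%0d%0a"; here it is shown already URL-decoded.
$untrusted = "/home\r\nX-Injected: yes";

// --- Vulnerable pattern: request data passed straight into a header ---
// On PHP before 5.1.2 the browser receives two headers where the application
// meant to send one; on current PHP the call fails with a warning instead.
function redirect_vulnerable(string $target): void
{
    header("Location: " . $target);
}

// --- Hardened pattern ---
// 1. Refuse any value containing CR, LF or other control characters rather
//    than trying to "clean" it: a rejected request is easy to log and alert on.
function header_safe(string $value): string
{
    if (preg_match('/[\x00-\x1F\x7F]/', $value)) {
        throw new InvalidArgumentException('control character in header value');
    }
    return $value;
}

// 2. For redirects, additionally allow only a known set of local paths, so the
//    value cannot become an open redirect even when it contains no newline.
function redirect_hardened(string $target, array $allowedPaths): void
{
    $target = header_safe($target);
    if (!in_array($target, $allowedPaths, true)) {
        $target = '/';   // fall back to a safe default
    }
    header('Location: ' . $target, true, 302);
}

// The same check protects mail(): a newline in a user-supplied address would
// let the sender append extra header lines (Bcc:, Cc:) to the message.
function mail_header_safe(string $address): string
{
    $address = header_safe($address);
    if (filter_var($address, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('invalid e-mail address');
    }
    return $address;
}

// Demonstration (run from the CLI: header() is a no-op there, but the checks
// still fire and the rejected inputs are reported).
try {
    redirect_hardened($untrusted, ['/home', '/account']);
} catch (InvalidArgumentException $e) {
    echo "rejected redirect target: {$e->getMessage()}\n";
}

try {
    // Constructed input: a valid address with an injected second header line.
    $from = mail_header_safe("user@example.com\r\nBcc: someone@example.net");
    echo "accepted sender: $from\n";
} catch (InvalidArgumentException $e) {
    echo "rejected mail header: {$e->getMessage()}\n";
}

// A clean value passes both checks.
echo "accepted sender: " . mail_header_safe("user@example.com") . "\n";
```

The allow-list in redirect_hardened is the part people usually skip: stripping newlines stops response splitting, but a Location header built from a request parameter is still an open redirect unless the destination is constrained as well.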



All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework