kyprizel / testcookie-nginx-module

Simple robot mitigation module using a cookie-based challenge/response technique. No longer supported.
http://kyprizel.github.com/testcookie-nginx-module/

Security issue - HTTP header injection #21

Closed glintik closed 10 years ago

glintik commented 10 years ago

Hello!

We found a security issue that may be used in CSRF attacks.

Request:

    GET /%0D%0AX-Header-Attacker HTTP/1.1
    Host: www.example.com

Response:

    Location: http://www.example.com/
    X-Header-Attacker:

Probably, the URL in Location must be filtered to prevent ASCII codes less than 0x20h.
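
Filtering the redirect target the way the report suggests, as an added example that is not the module's code: percent-decode the request path as the server does before a module sees it, then refuse to build the Location header if any decoded byte is a control character (below 0x20, or DEL). The function names and buffer sizes are assumptions.

```c
#include <stdio.h>
#include <string.h>

static int hexval(int c) {   /* value of a hex digit, or -1 */
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Percent-decode a request path as the server does before a module sees the
 * URI: "%0D%0A" becomes a raw CR LF pair. Returns the decoded length. */
size_t percent_decode(const char *in, unsigned char *out, size_t cap) {
    size_t n = 0;
    for (size_t i = 0; in[i] != '\0' && n < cap; i++) {
        int hi, lo;
        if (in[i] == '%' && (hi = hexval(in[i + 1])) >= 0 && (lo = hexval(in[i + 2])) >= 0) {
            out[n++] = (unsigned char)((hi << 4) | lo);
            i += 2;
        } else {
            out[n++] = (unsigned char)in[i];
        }
    }
    return n;
}

/* 1 if every byte may sit in a header value (no CR, LF, NUL, other C0 controls or DEL). */
int header_value_is_safe(const unsigned char *s, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (s[i] < 0x20 || s[i] == 0x7f) return 0;
    return 1;
}

/* Build "Location: http://<host><decoded path>\r\n". Returns 0 on success, -1 if
 * the decoded path would split the header (answer 400 instead of redirecting). */
int build_location(const char *host, const char *path, char *out, size_t cap) {
    unsigned char decoded[256];                       /* size is an assumption */
    size_t n = percent_decode(path, decoded, sizeof decoded);
    if (!header_value_is_safe(decoded, n)) return -1;
    int w = snprintf(out, cap, "Location: http://%s%.*s\r\n", host, (int)n, (const char *)decoded);
    return (w < 0 || (size_t)w >= cap) ? -1 : 0;
}

int main(void) {
    char hdr[512];
    int rc = build_location("www.example.com", "/%0D%0AX-Header-Attacker", hdr, sizeof hdr);
    printf("%s\n", rc == 0 ? hdr : "rejected: control characters in redirect path");
    return 0;
}
```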

kyprizel commented 10 years ago

Thank you. The problem is originally linked with nginx. Fixed.