search

rhaidiz / broxy

An HTTP/HTTPS intercept proxy written in Go.
GNU General Public License v3.0
1k stars 58 forks source link

disable auto update of Content-Length #8

Open kidandcat opened 2 years ago

kidandcat commented 2 years ago

If we could disable the automatic update of the Content-Length header, this tool would be usable to test for HTTP Smuggling attacks: https://portswigger.net/web-security/request-smuggling

ChillAndImprove commented 9 months ago

Good idea, anyone on this?