Content deleted Content added
Sohom Datta (talk | contribs) 2005 research is not new lol |
Sohom Datta (talk | contribs) Added {{Citation style}} tag |
||
Line 1:
{{Short description|Web application security vulnerability}}
{{Citation style|date=March 2024}}
{{HTTP}}
'''HTTP header injection''' is a general class of [[web application]] [[security vulnerability]] which occurs when [[Hypertext Transfer Protocol]] (HTTP) [[list of HTTP headers|headers]] are dynamically generated based on user input. Header injection in HTTP responses can allow for [[HTTP response splitting]], [[session fixation]] via the Set-Cookie header, [[cross-site scripting]] (XSS), and malicious redirect attacks via the ___location header.
| |||