• Home
• io.codemodder
• codemodder-base
• 0.97.0
• source code
• report.json

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

generic-remediation-reports.header-injection.report.json Maven / Gradle / Ivy

{
  "summary" : "Introduced protections against HTTP header injection / smuggling attacks",
  "change" : "Added a call to replace any newlines that are present in the variable",
  "reviewGuidanceJustification" : "This codemod cleanly enforces the boundaries in the HTTP protocol, and we believe it presents no risk.",
  "references" : ["https://www.netsparker.com/blog/web-security/crlf-http-header/", "https://owasp.org/www-community/attacks/HTTP_Response_Splitting", "https://regilero.github.io/security/english/2015/10/04/http_smuggling_in_2015_part_one/"]
}