All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.codemodder.codemods.SanitizeHttpHeaderCodemod.report.json Maven / Gradle / Ivy

The newest version!
{
  "summary" : "Introduced protections against HTTP header injection / smuggling attacks",
  "control" : "https://github.com/pixee/java-security-toolkit/blob/main/src/main/java/io/github/pixee/security/Newlines.java",
  "change" : "Added a call to replace any newlines that are present in the variable",
  "reviewGuidanceJustification" : "This codemod cleanly enforces the boundaries in the HTTP protocol, and we believe it presents no risk.",
  "references" : ["https://www.netsparker.com/blog/web-security/crlf-http-header/", "https://owasp.org/www-community/attacks/HTTP_Response_Splitting", "https://regilero.github.io/security/english/2015/10/04/http_smuggling_in_2015_part_one/"]
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy