Follow

The return of HTTP Response Splittingā€¦

Redirects allowing header injection used to be easy to turn into . Browsers improved but loopholes are still found every now and then. So now itā€™s empty Location header on Chrome and Location: ws:// on Firefox.

gremwell.com/firefox-xss-302

Ā· Ā· Web Ā· 0 Ā· 1 Ā· 2
Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.