Questions tagged [http]
Definition: HTTP - the Hypertext Transfer Protocol - provides a standard for Web browsers and servers to communicate. The definition of HTTP is a technical specification of a network protocol that software must implement. HTTP is an application layer network protocol built on top of TCP. HTTP clients (such as Web browsers) and servers communicate via HTTP request and response messages. The three main HTTP message types are GET, POST, and HEAD.
1,480
questions
19
votes
4
answers
8k
views
HTTP: how likely are you to be compromised by using it just once?
My question is, if somebody, today, in 2024, sent a password or a credit card number to some random HTTP website just once, how likely is that password or credit card number to be found on a hacker ...
- 188
1
vote
2
answers
102
views
CSRF Prevention Using Signed Cookies And Custom Headers
Recently I was reading about CSRF prevention techniques like Synchronizer Token, Cookie-to-header, and Double Submit Cookie. Cookie-to-header is good for websites using a lot of JavaScript, e.g. SPAs, ...
- 13
1
vote
1
answer
55
views
What are the risk of using http when capturing open events on an email
I want to configure a custom domain for open and click tracking in Amazon Simple Email Service (SES). However, I've encountered a limitation where Amazon SES only allows HTTPS domains for tracking ...
- 196
1
vote
1
answer
55
views
Does the CORS asteriks / wildcard include both encrypted and unencrypted origins?
Does the CORS asteriks / wildcard (*) include both encrypted (https) and unencrypted origins (http)? And is the null origin (i.e., when a local file is doing a xmlhttprequest, or within an iframe ...
- 11
1
vote
1
answer
83
views
Execution profile for web server
I would like to know if there is a way to run an app to exhaustion in terms of all possible outcomes that it can provide.
What do I mean by that:
Let's assume that someone has an (Apache) HTTP Server. ...
- 111
0
votes
0
answers
107
views
Bettercap not detecting HTTPS websites (?)
The built-in sslstripping feature (http.proxy.sslstrip) in bettercap is not working against HTTPS websites in this issue I will be using cygwin.com and winzip.com as an example, as we can see they are ...
1
vote
1
answer
65
views
Command Injection in URLs. Are response codes foolproof indicator of true/false positive?
Take this HTTP request as an example.
GET /directory/blahblah/ping%20interact.sh
Say this request receives any 3xx, 4xx, 5xx HTTP response code. Is it likely or even possible that a backend web server ...
- 11
0
votes
0
answers
68
views
Overcoming Middleware: Exploiting XSS to Retrieve Data
I am attempting to perform an XSS attack on my server and have successfully bypassed the CSP. In my server code, I store all users in the following manner:
.get("/users", adminReq, (req, ...
- 13
0
votes
0
answers
33
views
Is it possible to see HTTPS traffic without intercepting? (With a copy of the traffic) [duplicate]
I have a WAF solution that can work both inline and out-of-band. And we want to try the OOB option first. And possibly want to see HTTPS traffic as well.
But the vendor says if we want to see the ...
- 3
0
votes
2
answers
74
views
Is There a way to exploiting / Make exploit scenario for Header based reflected XSS?
I've found a reflected XSS, but the problem is that the attack vector is the header (any header). Is there a way to develop an exploit scenario based on this?
1
vote
2
answers
67
views
Preventing Data Tampering in HTTPS Requests: Safeguarding User-Initiated Donations
Could a Man-in-the-Middle (MITM) attack compromise the integrity of user-initiated transactions over HTTPS? Specifically, if a user selects an amount to donate on a website, is it possible for a ...
- 13
0
votes
3
answers
664
views
Using HTTP header to transmit client certificate for mTLS
My client says their API traffic must take the path WAF -> Custom Firewall -> Backend API. Also, mTLS must be terminated after the traffic has gone through the network appliance.
I have created ...
- 101
0
votes
1
answer
171
views
CRLF in HTTP/2 header value
I am attempting to inject a carriage-return + newline in a HTTP request header value. My understanding is that this is possible with HTTP/2 and HTTP/3. However, when I send a request with Burp I get ...
- 31.8k
0
votes
0
answers
88
views
Is it possible to track cross origin redirection?
I can successfully iframe a page on origin B from origin A (no x-frame-deny, content security policy, etc). A page on origin B (page X) redirects to a page on origin C (page Y) with a server side ...
- 103
0
votes
0
answers
109
views
Cache poisoning from rfc6455 (WebSockets) not requiring server message to be masked?
In RFC6455 section 10.3, it explains why they have made clients mask their outgoing frames (so that a malicious server cannot manipulate a client into sending something in plaintext, as the message ...
- 101