swapna_66665
Sep 22, 2011Nimbostratus
How to prevent HTTP response splitting
Hi to All,
I have a URL which is working fine when access it with its domain name but cannot access with its IP address.
There is no issue with server.
when I append some strings to that URL like for example
URL_domain_name.com/main%0d%0ahttp://www.example.com , it is showing some error messages which means HTTP header injection is prevented.
But when using same URL with its IP address like below
URL_IPaddress/main%0d%0ahttp://www.example.com , it is redirecting to www.example.com which causes HTTP header injection that should be prevented.
Does any one knows how to prevent this
HTTP response splitting::Header injection possible
Thanks
swapna