Forum Discussion
How to prevent HTTP response splitting
I have a URL which is working fine when access it with its domain name but cannot access with its IP address.
There is no issue with server.
when I append some strings to that URL like for example
URL_domain_name.com/main%0d%0ahttp://www.example.com , it is showing some error messages which means HTTP header injection is prevented.
But when using same URL with its IP address like below
URL_IPaddress/main%0d%0ahttp://www.example.com , it is redirecting to www.example.com which causes HTTP header injection that should be prevented.
Does any one knows how to prevent this
HTTP response splitting::Header injection possible
Thanks
swapna
2 Replies
- what is violations information, if you could be share once.
- Check HTTP Class for this Virtual Server - if it is enabled only for Host: URL_domain_name.com then the requests with IP address instead of domain name are not going through ASM policy
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com