How Do i disable a security feture #7004
Unanswered
showierdata9978
asked this question in
Q&A
Replies: 1 comment
-
Just remove the newline from the headers you're creating? The reason this is an issue, is that the newline will result in the server reading the part after the newline as a different header. Surely not what you intended... e.g.
i.e. 2 different headers. If the value of the header came from an untrusted source, this is a security issue as it allows them to inject their own headers into your requests. If the source is under your control, then your header values are just borked. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I'm currently dealing with the discourse API, and i would like to disable a security feature that i do not care about.
I don't care that there is a new line char in the status code or headers. I just want to send a post request and gets its result back.
Beta Was this translation helpful? Give feedback.
All reactions