During some specific tests with our upcoming Web App Security Scanner tool,
we have found that Apache would kindly accept HTML injection through
"Expect" header. Originally meant to be a protocol flow control that would
give web client the capacity of sending the HTTP headers for server's...
During some specific tests with our upcoming Web App Security Scanner tool,
we have found that Apache would kindly accept HTML injection through
"Expect" header. Originally meant to be a protocol flow control that would
give web client the capacity of sending the HTTP headers for server's...
[ more ]