Web Application Security
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
RE: [WEB SECURITY] Re: HTTP Parameter Pollution
May 20 2009 07:58PM
Stefano Di Paola (stefano dipaola wisec it)
1. Web servers/frameworks/applications can do whatever they want with
multiple occurrences of the same parameter. No standard is actually
5. It has to be considered a behaviour not an issue.
we do not claim that it's wrong to expect more than one parameter.
[ more ]
Copyright 2010, SecurityFocus