CINXE.COM
HTTP request smuggling - Wikipedia
<!DOCTYPE html> <html class="client-nojs vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-sticky-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-toc-available" lang="en" dir="ltr"> <head> <meta charset="UTF-8"> <title>HTTP request smuggling - Wikipedia</title> <script>(function(){var className="client-js vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-sticky-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-toc-available";var cookie=document.cookie.match(/(?:^|; )enwikimwclientpreferences=([^;]+)/);if(cookie){cookie[1].split('%2C').forEach(function(pref){className=className.replace(new RegExp('(^| )'+pref.replace(/-clientpref-\w+$|[^\w-]+/g,'')+'-clientpref-\\w+( |$)'),'$1'+pref+'$2');});}document.documentElement.className=className;}());RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy", "wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgRequestId":"d45d07df-b179-41cb-841e-89ee31f572a3","wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"HTTP_request_smuggling","wgTitle":"HTTP request smuggling","wgCurRevisionId":1244845542,"wgRevisionId":1244845542,"wgArticleId":63364132,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":["Articles with short description","Short description matches Wikidata","Articles needing more detailed references","Web security exploits","Hypertext Transfer Protocol headers"],"wgPageViewLanguage":"en","wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgRelevantPageName":"HTTP_request_smuggling","wgRelevantArticleId":63364132,"wgIsProbablyEditable":true,"wgRelevantPageIsProbablyEditable":true,"wgRestrictionEdit":[],"wgRestrictionMove":[], "wgNoticeProject":"wikipedia","wgCiteReferencePreviewsActive":false,"wgFlaggedRevsParams":{"tags":{"status":{"levels":1}}},"wgMediaViewerOnClick":true,"wgMediaViewerEnabledByDefault":true,"wgPopupsFlags":0,"wgVisualEditor":{"pageLanguageCode":"en","pageLanguageDir":"ltr","pageVariantFallbacks":"en"},"wgMFDisplayWikibaseDescriptions":{"search":true,"watchlist":true,"tagline":false,"nearby":true},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":7000,"wgRelatedArticlesCompat":[],"wgCentralAuthMobileDomain":false,"wgEditSubmitButtonLabelPublish":true,"wgULSPosition":"interlanguage","wgULSisCompactLinksEnabled":false,"wgVector2022LanguageInHeader":true,"wgULSisLanguageSelectorEmpty":false,"wgWikibaseItemId":"Q96380193","wgCheckUserClientHintsHeadersJsApi":["brands","architecture","bitness","fullVersionList","mobile","model","platform","platformVersion"],"GEHomepageSuggestedEditsEnableTopics":true,"wgGETopicsMatchModeEnabled":false, "wgGEStructuredTaskRejectionReasonTextInputEnabled":false,"wgGELevelingUpEnabledForUser":false};RLSTATE={"ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready","ext.globalCssJs.user":"ready","user":"ready","user.options":"loading","ext.cite.styles":"ready","skins.vector.search.codex.styles":"ready","skins.vector.styles":"ready","skins.vector.icons":"ready","ext.wikimediamessages.styles":"ready","ext.visualEditor.desktopArticleTarget.noscript":"ready","ext.uls.interlanguage":"ready","wikibase.client.init":"ready","ext.wikimediaBadges":"ready"};RLPAGEMODULES=["ext.cite.ux-enhancements","site","mediawiki.page.ready","mediawiki.toc","skins.vector.js","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.gadget.ReferenceTooltips","ext.gadget.switcher","ext.urlShortener.toolbar","ext.centralauth.centralautologin","mmv.bootstrap","ext.popups","ext.visualEditor.desktopArticleTarget.init","ext.visualEditor.targetLoader","ext.echo.centralauth","ext.eventLogging", "ext.wikimediaEvents","ext.navigationTiming","ext.uls.interface","ext.cx.eventlogging.campaigns","ext.cx.uls.quick.actions","wikibase.client.vector-2022","ext.checkUser.clientHints","ext.growthExperiments.SuggestedEditSession","wikibase.sidebar.tracking"];</script> <script>(RLQ=window.RLQ||[]).push(function(){mw.loader.impl(function(){return["user.options@12s5i",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"}); }];});});</script> <link rel="stylesheet" href="/w/load.php?lang=en&modules=ext.cite.styles%7Cext.uls.interlanguage%7Cext.visualEditor.desktopArticleTarget.noscript%7Cext.wikimediaBadges%7Cext.wikimediamessages.styles%7Cskins.vector.icons%2Cstyles%7Cskins.vector.search.codex.styles%7Cwikibase.client.init&only=styles&skin=vector-2022"> <script async="" src="/w/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector-2022"></script> <meta name="ResourceLoaderDynamicStyles" content=""> <link rel="stylesheet" href="/w/load.php?lang=en&modules=site.styles&only=styles&skin=vector-2022"> <meta name="generator" content="MediaWiki 1.44.0-wmf.4"> <meta name="referrer" content="origin"> <meta name="referrer" content="origin-when-cross-origin"> <meta name="robots" content="max-image-preview:standard"> <meta name="format-detection" content="telephone=no"> <meta property="og:image" content="https://upload.wikimedia.org/wikipedia/commons/thumb/5/5b/HTTP_logo.svg/1200px-HTTP_logo.svg.png"> <meta property="og:image:width" content="1200"> <meta property="og:image:height" content="642"> <meta property="og:image" content="https://upload.wikimedia.org/wikipedia/commons/thumb/5/5b/HTTP_logo.svg/800px-HTTP_logo.svg.png"> <meta property="og:image:width" content="800"> <meta property="og:image:height" content="428"> <meta property="og:image" content="https://upload.wikimedia.org/wikipedia/commons/thumb/5/5b/HTTP_logo.svg/640px-HTTP_logo.svg.png"> <meta property="og:image:width" content="640"> <meta property="og:image:height" content="343"> <meta name="viewport" content="width=1120"> <meta property="og:title" content="HTTP request smuggling - Wikipedia"> <meta property="og:type" content="website"> <link rel="preconnect" href="//upload.wikimedia.org"> <link rel="alternate" media="only screen and (max-width: 640px)" href="//en.m.wikipedia.org/wiki/HTTP_request_smuggling"> <link rel="alternate" type="application/x-wiki" title="Edit this page" href="/w/index.php?title=HTTP_request_smuggling&action=edit"> <link rel="apple-touch-icon" href="/static/apple-touch/wikipedia.png"> <link rel="icon" href="/static/favicon/wikipedia.ico"> <link rel="search" type="application/opensearchdescription+xml" href="/w/rest.php/v1/search" title="Wikipedia (en)"> <link rel="EditURI" type="application/rsd+xml" href="//en.wikipedia.org/w/api.php?action=rsd"> <link rel="canonical" href="https://en.wikipedia.org/wiki/HTTP_request_smuggling"> <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/deed.en"> <link rel="alternate" type="application/atom+xml" title="Wikipedia Atom feed" href="/w/index.php?title=Special:RecentChanges&feed=atom"> <link rel="dns-prefetch" href="//meta.wikimedia.org" /> <link rel="dns-prefetch" href="//login.wikimedia.org"> </head> <body class="skin--responsive skin-vector skin-vector-search-vue mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject mw-editable page-HTTP_request_smuggling rootpage-HTTP_request_smuggling skin-vector-2022 action-view"><a class="mw-jump-link" href="#bodyContent">Jump to content</a> <div class="vector-header-container"> <header class="vector-header mw-header"> <div class="vector-header-start"> <nav class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-dropdown" class="vector-dropdown vector-main-menu-dropdown vector-button-flush-left vector-button-flush-right" > <input type="checkbox" id="vector-main-menu-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-main-menu-dropdown" class="vector-dropdown-checkbox " aria-label="Main menu" > <label id="vector-main-menu-dropdown-label" for="vector-main-menu-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-menu mw-ui-icon-wikimedia-menu"></span> <span class="vector-dropdown-label-text">Main menu</span> </label> <div class="vector-dropdown-content"> <div id="vector-main-menu-unpinned-container" class="vector-unpinned-container"> <div id="vector-main-menu" class="vector-main-menu vector-pinnable-element"> <div class="vector-pinnable-header vector-main-menu-pinnable-header vector-pinnable-header-unpinned" data-feature-name="main-menu-pinned" data-pinnable-element-id="vector-main-menu" data-pinned-container-id="vector-main-menu-pinned-container" data-unpinned-container-id="vector-main-menu-unpinned-container" > <div class="vector-pinnable-header-label">Main menu</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-main-menu.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-main-menu.unpin">hide</button> </div> <div id="p-navigation" class="vector-menu mw-portlet mw-portlet-navigation" > <div class="vector-menu-heading"> Navigation </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/Main_Page" title="Visit the main page [z]" accesskey="z"><span>Main page</span></a></li><li id="n-contents" class="mw-list-item"><a href="/wiki/Wikipedia:Contents" title="Guides to browsing Wikipedia"><span>Contents</span></a></li><li id="n-currentevents" class="mw-list-item"><a href="/wiki/Portal:Current_events" title="Articles related to current events"><span>Current events</span></a></li><li id="n-randompage" class="mw-list-item"><a href="/wiki/Special:Random" title="Visit a randomly selected article [x]" accesskey="x"><span>Random article</span></a></li><li id="n-aboutsite" class="mw-list-item"><a href="/wiki/Wikipedia:About" title="Learn about Wikipedia and how it works"><span>About Wikipedia</span></a></li><li id="n-contactpage" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us" title="How to contact Wikipedia"><span>Contact us</span></a></li> </ul> </div> </div> <div id="p-interaction" class="vector-menu mw-portlet mw-portlet-interaction" > <div class="vector-menu-heading"> Contribute </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-help" class="mw-list-item"><a href="/wiki/Help:Contents" title="Guidance on how to use and edit Wikipedia"><span>Help</span></a></li><li id="n-introduction" class="mw-list-item"><a href="/wiki/Help:Introduction" title="Learn how to edit Wikipedia"><span>Learn to edit</span></a></li><li id="n-portal" class="mw-list-item"><a href="/wiki/Wikipedia:Community_portal" title="The hub for editors"><span>Community portal</span></a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes to Wikipedia [r]" accesskey="r"><span>Recent changes</span></a></li><li id="n-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_upload_wizard" title="Add images or other media for use on Wikipedia"><span>Upload file</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> <a href="/wiki/Main_Page" class="mw-logo"> <img class="mw-logo-icon" src="/static/images/icons/wikipedia.png" alt="" aria-hidden="true" height="50" width="50"> <span class="mw-logo-container skin-invert"> <img class="mw-logo-wordmark" alt="Wikipedia" src="/static/images/mobile/copyright/wikipedia-wordmark-en.svg" style="width: 7.5em; height: 1.125em;"> <img class="mw-logo-tagline" alt="The Free Encyclopedia" src="/static/images/mobile/copyright/wikipedia-tagline-en.svg" width="117" height="13" style="width: 7.3125em; height: 0.8125em;"> </span> </a> </div> <div class="vector-header-end"> <div id="p-search" role="search" class="vector-search-box-vue vector-search-box-collapses vector-search-box-show-thumbnail vector-search-box-auto-expand-width vector-search-box"> <a href="/wiki/Special:Search" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only search-toggle" title="Search Wikipedia [f]" accesskey="f"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </a> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail cdx-typeahead-search--auto-expand-width"> <form action="/w/index.php" id="searchform" class="cdx-search-input cdx-search-input--has-end-button"> <div id="simpleSearch" class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia" aria-label="Search Wikipedia" autocapitalize="sentences" title="Search Wikipedia [f]" accesskey="f" id="searchInput" > <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <nav class="vector-user-links vector-user-links-wide" aria-label="Personal tools"> <div class="vector-user-links-main"> <div id="p-vector-user-menu-preferences" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-userpage" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-dropdown" class="vector-dropdown " title="Change the appearance of the page's font size, width, and color" > <input type="checkbox" id="vector-appearance-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-appearance-dropdown" class="vector-dropdown-checkbox " aria-label="Appearance" > <label id="vector-appearance-dropdown-label" for="vector-appearance-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-appearance mw-ui-icon-wikimedia-appearance"></span> <span class="vector-dropdown-label-text">Appearance</span> </label> <div class="vector-dropdown-content"> <div id="vector-appearance-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div id="p-vector-user-menu-notifications" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-overflow" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="https://donate.wikimedia.org/wiki/Special:FundraiserRedirector?utm_source=donate&utm_medium=sidebar&utm_campaign=C13_en.wikipedia.org&uselang=en" class=""><span>Donate</span></a> </li> <li id="pt-createaccount-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:CreateAccount&returnto=HTTP+request+smuggling" title="You are encouraged to create an account and log in; however, it is not mandatory" class=""><span>Create account</span></a> </li> <li id="pt-login-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:UserLogin&returnto=HTTP+request+smuggling" title="You're encouraged to log in; however, it's not mandatory. [o]" accesskey="o" class=""><span>Log in</span></a> </li> </ul> </div> </div> </div> <div id="vector-user-links-dropdown" class="vector-dropdown vector-user-menu vector-button-flush-right vector-user-menu-logged-out" title="Log in and more options" > <input type="checkbox" id="vector-user-links-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-user-links-dropdown" class="vector-dropdown-checkbox " aria-label="Personal tools" > <label id="vector-user-links-dropdown-label" for="vector-user-links-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-ellipsis mw-ui-icon-wikimedia-ellipsis"></span> <span class="vector-dropdown-label-text">Personal tools</span> </label> <div class="vector-dropdown-content"> <div id="p-personal" class="vector-menu mw-portlet mw-portlet-personal user-links-collapsible-item" title="User menu" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport" class="user-links-collapsible-item mw-list-item"><a href="https://donate.wikimedia.org/wiki/Special:FundraiserRedirector?utm_source=donate&utm_medium=sidebar&utm_campaign=C13_en.wikipedia.org&uselang=en"><span>Donate</span></a></li><li id="pt-createaccount" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&returnto=HTTP+request+smuggling" title="You are encouraged to create an account and log in; however, it is not mandatory"><span class="vector-icon mw-ui-icon-userAdd mw-ui-icon-wikimedia-userAdd"></span> <span>Create account</span></a></li><li id="pt-login" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:UserLogin&returnto=HTTP+request+smuggling" title="You're encouraged to log in; however, it's not mandatory. [o]" accesskey="o"><span class="vector-icon mw-ui-icon-logIn mw-ui-icon-wikimedia-logIn"></span> <span>Log in</span></a></li> </ul> </div> </div> <div id="p-user-menu-anon-editor" class="vector-menu mw-portlet mw-portlet-user-menu-anon-editor" > <div class="vector-menu-heading"> Pages for logged out editors <a href="/wiki/Help:Introduction" aria-label="Learn more about editing"><span>learn more</span></a> </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-anoncontribs" class="mw-list-item"><a href="/wiki/Special:MyContributions" title="A list of edits made from this IP address [y]" accesskey="y"><span>Contributions</span></a></li><li id="pt-anontalk" class="mw-list-item"><a href="/wiki/Special:MyTalk" title="Discussion about edits from this IP address [n]" accesskey="n"><span>Talk</span></a></li> </ul> </div> </div> </div> </div> </nav> </div> </header> </div> <div class="mw-page-container"> <div class="mw-page-container-inner"> <div class="vector-sitenotice-container"> <div id="siteNotice"><!-- CentralNotice --></div> </div> <div class="vector-column-start"> <div class="vector-main-menu-container"> <div id="mw-navigation"> <nav id="mw-panel" class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-pinned-container" class="vector-pinned-container"> </div> </nav> </div> </div> <div class="vector-sticky-pinned-container"> <nav id="mw-panel-toc" aria-label="Contents" data-event-name="ui.sidebar-toc" class="mw-table-of-contents-container vector-toc-landmark"> <div id="vector-toc-pinned-container" class="vector-pinned-container"> <div id="vector-toc" class="vector-toc vector-pinnable-element"> <div class="vector-pinnable-header vector-toc-pinnable-header vector-pinnable-header-pinned" data-feature-name="toc-pinned" data-pinnable-element-id="vector-toc" > <h2 class="vector-pinnable-header-label">Contents</h2> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-toc.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-toc.unpin">hide</button> </div> <ul class="vector-toc-contents" id="mw-panel-toc-list"> <li id="toc-mw-content-text" class="vector-toc-list-item vector-toc-level-1"> <a href="#" class="vector-toc-link"> <div class="vector-toc-text">(Top)</div> </a> </li> <li id="toc-Types" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Types"> <div class="vector-toc-text"> <span class="vector-toc-numb">1</span> <span>Types</span> </div> </a> <button aria-controls="toc-Types-sublist" class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-toc-toggle"> <span class="vector-icon mw-ui-icon-wikimedia-expand"></span> <span>Toggle Types subsection</span> </button> <ul id="toc-Types-sublist" class="vector-toc-list"> <li id="toc-CL.TE" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#CL.TE"> <div class="vector-toc-text"> <span class="vector-toc-numb">1.1</span> <span>CL.TE</span> </div> </a> <ul id="toc-CL.TE-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-TE.CL" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#TE.CL"> <div class="vector-toc-text"> <span class="vector-toc-numb">1.2</span> <span>TE.CL</span> </div> </a> <ul id="toc-TE.CL-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-TE.TE" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#TE.TE"> <div class="vector-toc-text"> <span class="vector-toc-numb">1.3</span> <span>TE.TE</span> </div> </a> <ul id="toc-TE.TE-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> <li id="toc-Prevention" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Prevention"> <div class="vector-toc-text"> <span class="vector-toc-numb">2</span> <span>Prevention</span> </div> </a> <ul id="toc-Prevention-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-References" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#References"> <div class="vector-toc-text"> <span class="vector-toc-numb">3</span> <span>References</span> </div> </a> <ul id="toc-References-sublist" class="vector-toc-list"> </ul> </li> </ul> </div> </div> </nav> </div> </div> <div class="mw-content-container"> <main id="content" class="mw-body"> <header class="mw-body-header vector-page-titlebar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-page-titlebar-toc" class="vector-dropdown vector-page-titlebar-toc vector-button-flush-left" > <input type="checkbox" id="vector-page-titlebar-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-titlebar-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-page-titlebar-toc-label" for="vector-page-titlebar-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-titlebar-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <h1 id="firstHeading" class="firstHeading mw-first-heading"><span class="mw-page-title-main">HTTP request smuggling</span></h1> <div id="p-lang-btn" class="vector-dropdown mw-portlet mw-portlet-lang" > <input type="checkbox" id="p-lang-btn-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-p-lang-btn" class="vector-dropdown-checkbox mw-interlanguage-selector" aria-label="This article exist only in this language. Add the article for other languages" > <label id="p-lang-btn-label" for="p-lang-btn-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive mw-portlet-lang-heading-0" aria-hidden="true" ><span class="vector-icon mw-ui-icon-language-progressive mw-ui-icon-wikimedia-language-progressive"></span> <span class="vector-dropdown-label-text">Add languages</span> </label> <div class="vector-dropdown-content"> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> <div class="after-portlet after-portlet-lang"><span class="uls-after-portlet-link"></span><span class="wb-langlinks-add wb-langlinks-link"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q96380193#sitelinks-wikipedia" title="Add interlanguage links" class="wbc-editpage">Add links</a></span></div> </div> </div> </div> </header> <div class="vector-page-toolbar"> <div class="vector-page-toolbar-container"> <div id="left-navigation"> <nav aria-label="Namespaces"> <div id="p-associated-pages" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-associated-pages" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-nstab-main" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/HTTP_request_smuggling" title="View the content page [c]" accesskey="c"><span>Article</span></a></li><li id="ca-talk" class="vector-tab-noicon mw-list-item"><a href="/wiki/Talk:HTTP_request_smuggling" rel="discussion" title="Discuss improvements to the content page [t]" accesskey="t"><span>Talk</span></a></li> </ul> </div> </div> <div id="vector-variants-dropdown" class="vector-dropdown emptyPortlet" > <input type="checkbox" id="vector-variants-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-variants-dropdown" class="vector-dropdown-checkbox " aria-label="Change language variant" > <label id="vector-variants-dropdown-label" for="vector-variants-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">English</span> </label> <div class="vector-dropdown-content"> <div id="p-variants" class="vector-menu mw-portlet mw-portlet-variants emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </nav> </div> <div id="right-navigation" class="vector-collapsible"> <nav aria-label="Views"> <div id="p-views" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-views" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-view" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/HTTP_request_smuggling"><span>Read</span></a></li><li id="ca-edit" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=HTTP_request_smuggling&action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-history" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=HTTP_request_smuggling&action=history" title="Past revisions of this page [h]" accesskey="h"><span>View history</span></a></li> </ul> </div> </div> </nav> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-dropdown" class="vector-dropdown vector-page-tools-dropdown" > <input type="checkbox" id="vector-page-tools-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-tools-dropdown" class="vector-dropdown-checkbox " aria-label="Tools" > <label id="vector-page-tools-dropdown-label" for="vector-page-tools-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">Tools</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-tools-unpinned-container" class="vector-unpinned-container"> <div id="vector-page-tools" class="vector-page-tools vector-pinnable-element"> <div class="vector-pinnable-header vector-page-tools-pinnable-header vector-pinnable-header-unpinned" data-feature-name="page-tools-pinned" data-pinnable-element-id="vector-page-tools" data-pinned-container-id="vector-page-tools-pinned-container" data-unpinned-container-id="vector-page-tools-unpinned-container" > <div class="vector-pinnable-header-label">Tools</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-page-tools.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-page-tools.unpin">hide</button> </div> <div id="p-cactions" class="vector-menu mw-portlet mw-portlet-cactions emptyPortlet vector-has-collapsible-items" title="More options" > <div class="vector-menu-heading"> Actions </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-more-view" class="selected vector-more-collapsible-item mw-list-item"><a href="/wiki/HTTP_request_smuggling"><span>Read</span></a></li><li id="ca-more-edit" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=HTTP_request_smuggling&action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-more-history" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=HTTP_request_smuggling&action=history"><span>View history</span></a></li> </ul> </div> </div> <div id="p-tb" class="vector-menu mw-portlet mw-portlet-tb" > <div class="vector-menu-heading"> General </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/HTTP_request_smuggling" title="List of all English Wikipedia pages containing links to this page [j]" accesskey="j"><span>What links here</span></a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/HTTP_request_smuggling" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k"><span>Related changes</span></a></li><li id="t-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_Upload_Wizard" title="Upload files [u]" accesskey="u"><span>Upload file</span></a></li><li id="t-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages" title="A list of all special pages [q]" accesskey="q"><span>Special pages</span></a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=HTTP_request_smuggling&oldid=1244845542" title="Permanent link to this revision of this page"><span>Permanent link</span></a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=HTTP_request_smuggling&action=info" title="More information about this page"><span>Page information</span></a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&page=HTTP_request_smuggling&id=1244845542&wpFormIdentifier=titleform" title="Information on how to cite this page"><span>Cite this page</span></a></li><li id="t-urlshortener" class="mw-list-item"><a href="/w/index.php?title=Special:UrlShortener&url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FHTTP_request_smuggling"><span>Get shortened URL</span></a></li><li id="t-urlshortener-qrcode" class="mw-list-item"><a href="/w/index.php?title=Special:QrCode&url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FHTTP_request_smuggling"><span>Download QR code</span></a></li> </ul> </div> </div> <div id="p-coll-print_export" class="vector-menu mw-portlet mw-portlet-coll-print_export" > <div class="vector-menu-heading"> Print/export </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="coll-download-as-rl" class="mw-list-item"><a href="/w/index.php?title=Special:DownloadAsPdf&page=HTTP_request_smuggling&action=show-download-screen" title="Download this page as a PDF file"><span>Download as PDF</span></a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=HTTP_request_smuggling&printable=yes" title="Printable version of this page [p]" accesskey="p"><span>Printable version</span></a></li> </ul> </div> </div> <div id="p-wikibase-otherprojects" class="vector-menu mw-portlet mw-portlet-wikibase-otherprojects" > <div class="vector-menu-heading"> In other projects </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-wikibase" class="wb-otherproject-link wb-otherproject-wikibase-dataitem mw-list-item"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q96380193" title="Structured data on this page hosted by Wikidata [g]" accesskey="g"><span>Wikidata item</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> </div> </div> </div> <div class="vector-column-end"> <div class="vector-sticky-pinned-container"> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-pinned-container" class="vector-pinned-container"> </div> </nav> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-pinned-container" class="vector-pinned-container"> <div id="vector-appearance" class="vector-appearance vector-pinnable-element"> <div class="vector-pinnable-header vector-appearance-pinnable-header vector-pinnable-header-pinned" data-feature-name="appearance-pinned" data-pinnable-element-id="vector-appearance" data-pinned-container-id="vector-appearance-pinned-container" data-unpinned-container-id="vector-appearance-unpinned-container" > <div class="vector-pinnable-header-label">Appearance</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-appearance.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-appearance.unpin">hide</button> </div> </div> </div> </nav> </div> </div> <div id="bodyContent" class="vector-body" aria-labelledby="firstHeading" data-mw-ve-target-container> <div class="vector-body-before-content"> <div class="mw-indicators"> </div> <div id="siteSub" class="noprint">From Wikipedia, the free encyclopedia</div> </div> <div id="contentSub"><div id="mw-content-subtitle"></div></div> <div id="mw-content-text" class="mw-body-content"><div class="mw-content-ltr mw-parser-output" lang="en" dir="ltr"><div class="shortdescription nomobile noexcerpt noprint searchaux" style="display:none">Web security vulnerability</div> <style data-mw-deduplicate="TemplateStyles:r1129693374">.mw-parser-output .hlist dl,.mw-parser-output .hlist ol,.mw-parser-output .hlist ul{margin:0;padding:0}.mw-parser-output .hlist dd,.mw-parser-output .hlist dt,.mw-parser-output .hlist li{margin:0;display:inline}.mw-parser-output .hlist.inline,.mw-parser-output .hlist.inline dl,.mw-parser-output .hlist.inline ol,.mw-parser-output .hlist.inline ul,.mw-parser-output .hlist dl dl,.mw-parser-output .hlist dl ol,.mw-parser-output .hlist dl ul,.mw-parser-output .hlist ol dl,.mw-parser-output .hlist ol ol,.mw-parser-output .hlist ol ul,.mw-parser-output .hlist ul dl,.mw-parser-output .hlist ul ol,.mw-parser-output .hlist ul ul{display:inline}.mw-parser-output .hlist .mw-empty-li{display:none}.mw-parser-output .hlist dt::after{content:": "}.mw-parser-output .hlist dd::after,.mw-parser-output .hlist li::after{content:" · ";font-weight:bold}.mw-parser-output .hlist dd:last-child::after,.mw-parser-output .hlist dt:last-child::after,.mw-parser-output .hlist li:last-child::after{content:none}.mw-parser-output .hlist dd dd:first-child::before,.mw-parser-output .hlist dd dt:first-child::before,.mw-parser-output .hlist dd li:first-child::before,.mw-parser-output .hlist dt dd:first-child::before,.mw-parser-output .hlist dt dt:first-child::before,.mw-parser-output .hlist dt li:first-child::before,.mw-parser-output .hlist li dd:first-child::before,.mw-parser-output .hlist li dt:first-child::before,.mw-parser-output .hlist li li:first-child::before{content:" (";font-weight:normal}.mw-parser-output .hlist dd dd:last-child::after,.mw-parser-output .hlist dd dt:last-child::after,.mw-parser-output .hlist dd li:last-child::after,.mw-parser-output .hlist dt dd:last-child::after,.mw-parser-output .hlist dt dt:last-child::after,.mw-parser-output .hlist dt li:last-child::after,.mw-parser-output .hlist li dd:last-child::after,.mw-parser-output .hlist li dt:last-child::after,.mw-parser-output .hlist li li:last-child::after{content:")";font-weight:normal}.mw-parser-output .hlist ol{counter-reset:listitem}.mw-parser-output .hlist ol>li{counter-increment:listitem}.mw-parser-output .hlist ol>li::before{content:" "counter(listitem)"\a0 "}.mw-parser-output .hlist dd ol>li:first-child::before,.mw-parser-output .hlist dt ol>li:first-child::before,.mw-parser-output .hlist li ol>li:first-child::before{content:" ("counter(listitem)"\a0 "}</style><style data-mw-deduplicate="TemplateStyles:r1246091330">.mw-parser-output .sidebar{width:22em;float:right;clear:right;margin:0.5em 0 1em 1em;background:var(--background-color-neutral-subtle,#f8f9fa);border:1px solid var(--border-color-base,#a2a9b1);padding:0.2em;text-align:center;line-height:1.4em;font-size:88%;border-collapse:collapse;display:table}body.skin-minerva .mw-parser-output .sidebar{display:table!important;float:right!important;margin:0.5em 0 1em 1em!important}.mw-parser-output .sidebar-subgroup{width:100%;margin:0;border-spacing:0}.mw-parser-output .sidebar-left{float:left;clear:left;margin:0.5em 1em 1em 0}.mw-parser-output .sidebar-none{float:none;clear:both;margin:0.5em 1em 1em 0}.mw-parser-output .sidebar-outer-title{padding:0 0.4em 0.2em;font-size:125%;line-height:1.2em;font-weight:bold}.mw-parser-output .sidebar-top-image{padding:0.4em}.mw-parser-output .sidebar-top-caption,.mw-parser-output .sidebar-pretitle-with-top-image,.mw-parser-output .sidebar-caption{padding:0.2em 0.4em 0;line-height:1.2em}.mw-parser-output .sidebar-pretitle{padding:0.4em 0.4em 0;line-height:1.2em}.mw-parser-output .sidebar-title,.mw-parser-output .sidebar-title-with-pretitle{padding:0.2em 0.8em;font-size:145%;line-height:1.2em}.mw-parser-output .sidebar-title-with-pretitle{padding:0.1em 0.4em}.mw-parser-output .sidebar-image{padding:0.2em 0.4em 0.4em}.mw-parser-output .sidebar-heading{padding:0.1em 0.4em}.mw-parser-output .sidebar-content{padding:0 0.5em 0.4em}.mw-parser-output .sidebar-content-with-subgroup{padding:0.1em 0.4em 0.2em}.mw-parser-output .sidebar-above,.mw-parser-output .sidebar-below{padding:0.3em 0.8em;font-weight:bold}.mw-parser-output .sidebar-collapse .sidebar-above,.mw-parser-output .sidebar-collapse .sidebar-below{border-top:1px solid #aaa;border-bottom:1px solid #aaa}.mw-parser-output .sidebar-navbar{text-align:right;font-size:115%;padding:0 0.4em 0.4em}.mw-parser-output .sidebar-list-title{padding:0 0.4em;text-align:left;font-weight:bold;line-height:1.6em;font-size:105%}.mw-parser-output .sidebar-list-title-c{padding:0 0.4em;text-align:center;margin:0 3.3em}@media(max-width:640px){body.mediawiki .mw-parser-output .sidebar{width:100%!important;clear:both;float:none!important;margin-left:0!important;margin-right:0!important}}body.skin--responsive .mw-parser-output .sidebar a>img{max-width:none!important}@media screen{html.skin-theme-clientpref-night .mw-parser-output .sidebar:not(.notheme) .sidebar-list-title,html.skin-theme-clientpref-night .mw-parser-output .sidebar:not(.notheme) .sidebar-title-with-pretitle{background:transparent!important}html.skin-theme-clientpref-night .mw-parser-output .sidebar:not(.notheme) .sidebar-title-with-pretitle a{color:var(--color-progressive)!important}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .sidebar:not(.notheme) .sidebar-list-title,html.skin-theme-clientpref-os .mw-parser-output .sidebar:not(.notheme) .sidebar-title-with-pretitle{background:transparent!important}html.skin-theme-clientpref-os .mw-parser-output .sidebar:not(.notheme) .sidebar-title-with-pretitle a{color:var(--color-progressive)!important}}@media print{body.ns-0 .mw-parser-output .sidebar{display:none!important}}</style><table class="sidebar nomobile nowraplinks hlist"><tbody><tr><th class="sidebar-title"><a href="/wiki/HTTP" title="HTTP">HTTP</a></th></tr><tr><td class="sidebar-image"><span typeof="mw:File"><a href="/wiki/File:HTTP_logo.svg" class="mw-file-description"><img src="//upload.wikimedia.org/wikipedia/commons/thumb/5/5b/HTTP_logo.svg/180px-HTTP_logo.svg.png" decoding="async" width="180" height="96" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/commons/thumb/5/5b/HTTP_logo.svg/270px-HTTP_logo.svg.png 1.5x, //upload.wikimedia.org/wikipedia/commons/thumb/5/5b/HTTP_logo.svg/360px-HTTP_logo.svg.png 2x" data-file-width="512" data-file-height="274" /></a></span></td></tr><tr><td class="sidebar-content"> <ul><li><a href="/wiki/HTTP_persistent_connection" title="HTTP persistent connection">Persistence</a></li> <li><a href="/wiki/HTTP_compression" title="HTTP compression">Compression</a></li> <li><a href="/wiki/HTTPS" title="HTTPS">HTTPS</a></li> <li><a href="/wiki/QUIC" title="QUIC">QUIC</a></li></ul></td> </tr><tr><th class="sidebar-heading"> <a href="/wiki/HTTP#Request_methods" title="HTTP">Request methods</a></th></tr><tr><td class="sidebar-content"> <ul><li><a href="/wiki/HTTP#Request_methods" title="HTTP">OPTIONS</a></li> <li><a href="/wiki/HTTP#Request_methods" title="HTTP">GET</a></li> <li><a href="/wiki/HTTP#Request_methods" title="HTTP">HEAD</a></li> <li><a href="/wiki/POST_(HTTP)" title="POST (HTTP)">POST</a></li> <li><a href="/wiki/HTTP#Request_methods" title="HTTP">PUT</a></li> <li><a href="/wiki/HTTP#Request_methods" title="HTTP">DELETE</a></li> <li><a href="/wiki/HTTP#Request_methods" title="HTTP">TRACE</a></li> <li><a href="/wiki/HTTP#Request_methods" title="HTTP">CONNECT</a></li> <li><a href="/wiki/PATCH_(HTTP)" title="PATCH (HTTP)">PATCH</a></li></ul></td> </tr><tr><th class="sidebar-heading"> <a href="/wiki/List_of_HTTP_header_fields" title="List of HTTP header fields">Header fields</a></th></tr><tr><td class="sidebar-content"> <ul><li><a href="/wiki/HTTP_cookie" title="HTTP cookie">Cookie</a></li> <li><a href="/wiki/HTTP_ETag" title="HTTP ETag">ETag</a></li> <li><a href="/wiki/HTTP_location" title="HTTP location">Location</a></li> <li><a href="/wiki/HTTP_referer" title="HTTP referer">HTTP referer</a></li> <li><a href="/wiki/Do_Not_Track" title="Do Not Track">DNT</a></li> <li><a href="/wiki/X-Forwarded-For" title="X-Forwarded-For">X-Forwarded-For</a></li></ul></td> </tr><tr><th class="sidebar-heading"> <a href="/wiki/List_of_HTTP_status_codes" title="List of HTTP status codes">Response status codes</a></th></tr><tr><td class="sidebar-content"> <ul><li><a href="/wiki/HTTP_301" title="HTTP 301">301 Moved Permanently</a></li> <li><a href="/wiki/HTTP_302" title="HTTP 302">302 Found</a></li> <li><a href="/wiki/HTTP_303" title="HTTP 303">303 See Other</a></li> <li><a href="/wiki/HTTP_403" title="HTTP 403">403 Forbidden</a></li> <li><a href="/wiki/HTTP_404" title="HTTP 404">404 Not Found</a></li> <li><a href="/wiki/HTTP_451" title="HTTP 451">451 Unavailable for Legal Reasons</a></li></ul></td> </tr><tr><th class="sidebar-heading"> Security access control methods</th></tr><tr><td class="sidebar-content"> <ul><li><a href="/wiki/Basic_access_authentication" title="Basic access authentication">Basic access authentication</a></li> <li><a href="/wiki/Digest_access_authentication" title="Digest access authentication">Digest access authentication</a></li></ul></td> </tr><tr><th class="sidebar-heading"> Security vulnerabilities</th></tr><tr><td class="sidebar-content"> <ul><li><a href="/wiki/HTTP_header_injection" title="HTTP header injection">HTTP header injection</a></li> <li><a class="mw-selflink selflink">HTTP request smuggling</a></li> <li><a href="/wiki/HTTP_response_splitting" title="HTTP response splitting">HTTP response splitting</a></li> <li><a href="/wiki/HTTP_parameter_pollution" title="HTTP parameter pollution">HTTP parameter pollution</a></li></ul></td> </tr><tr><td class="sidebar-navbar"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1129693374"><style data-mw-deduplicate="TemplateStyles:r1239400231">.mw-parser-output .navbar{display:inline;font-size:88%;font-weight:normal}.mw-parser-output .navbar-collapse{float:left;text-align:left}.mw-parser-output .navbar-boxtext{word-spacing:0}.mw-parser-output .navbar ul{display:inline-block;white-space:nowrap;line-height:inherit}.mw-parser-output .navbar-brackets::before{margin-right:-0.125em;content:"[ "}.mw-parser-output .navbar-brackets::after{margin-left:-0.125em;content:" ]"}.mw-parser-output .navbar li{word-spacing:-0.125em}.mw-parser-output .navbar a>span,.mw-parser-output .navbar a>abbr{text-decoration:inherit}.mw-parser-output .navbar-mini abbr{font-variant:small-caps;border-bottom:none;text-decoration:none;cursor:inherit}.mw-parser-output .navbar-ct-full{font-size:114%;margin:0 7em}.mw-parser-output .navbar-ct-mini{font-size:114%;margin:0 4em}html.skin-theme-clientpref-night .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}@media(prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}}@media print{.mw-parser-output .navbar{display:none!important}}</style><div class="navbar plainlinks hlist navbar-mini"><ul><li class="nv-view"><a href="/wiki/Template:HTTP" title="Template:HTTP"><abbr title="View this template">v</abbr></a></li><li class="nv-talk"><a href="/wiki/Template_talk:HTTP" title="Template talk:HTTP"><abbr title="Discuss this template">t</abbr></a></li><li class="nv-edit"><a href="/wiki/Special:EditPage/Template:HTTP" title="Special:EditPage/Template:HTTP"><abbr title="Edit this template">e</abbr></a></li></ul></div></td></tr></tbody></table> <p><b>HTTP request smuggling</b> (<b>HRS</b>) is a <a href="/wiki/Security_exploit" class="mw-redirect" title="Security exploit">security exploit</a> on the <a href="/wiki/HTTP" title="HTTP">HTTP</a> protocol that takes advantage of an inconsistency between the interpretation of <a href="/wiki/List_of_HTTP_header_fields#content-length-response-header" title="List of HTTP header fields"><code>Content-Length</code></a> and <a href="/wiki/List_of_HTTP_header_fields#transfer-encoding-response-header" title="List of HTTP header fields"><code>Transfer-Encoding</code></a> headers between HTTP server implementations in an <a href="/wiki/HTTP_proxy_server" class="mw-redirect" title="HTTP proxy server">HTTP proxy server</a> chain.<sup id="cite_ref-1" class="reference"><a href="#cite_note-1"><span class="cite-bracket">[</span>1<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-portswigger1_2-0" class="reference"><a href="#cite_note-portswigger1-2"><span class="cite-bracket">[</span>2<span class="cite-bracket">]</span></a></sup> It was first documented in 2005 by Linhart et al.<sup id="cite_ref-HRS_3-0" class="reference"><a href="#cite_note-HRS-3"><span class="cite-bracket">[</span>3<span class="cite-bracket">]</span></a></sup> </p><p>The Transfer-Encoding header works by defining a directive on how to interpret the body of the <a href="/wiki/HTTP_request" class="mw-redirect" title="HTTP request">HTTP request</a>, with the common and necessary directive for this attack being the <a href="/wiki/Chunked_transfer_encoding" title="Chunked transfer encoding">chunked transfer encoding</a>.<sup id="cite_ref-mozillatransfer_4-0" class="reference"><a href="#cite_note-mozillatransfer-4"><span class="cite-bracket">[</span>4<span class="cite-bracket">]</span></a></sup> When the Transfer-Encoding header is present, the Content-Length header is supposed to be omitted.<sup id="cite_ref-mozillatransfer_4-1" class="reference"><a href="#cite_note-mozillatransfer-4"><span class="cite-bracket">[</span>4<span class="cite-bracket">]</span></a></sup> Working similarly but with a different syntax, the Content-Length header works by specifying the size in bytes of the body as a value in the header itself.<sup id="cite_ref-mozillacontentlength_5-0" class="reference"><a href="#cite_note-mozillacontentlength-5"><span class="cite-bracket">[</span>5<span class="cite-bracket">]</span></a></sup> Vulnerabilities arise when both of these headers are included in a malicious HTTP request, bypassing security functions meant to prevent malicious HTTP queries to the server by causing either the <a href="/wiki/Frontend_and_backend" title="Frontend and backend">front-end or back-end</a> server to incorrectly interpret the request.<sup id="cite_ref-imperva_6-0" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> HTTP request smuggling commonly takes the form of CL.TE, TE.CL, or TE.TE, although more complex attacks using HRS do exist.<sup id="cite_ref-imperva_6-1" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> </p> <meta property="mw:PageProp/toc" /> <div class="mw-heading mw-heading2"><h2 id="Types">Types</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=HTTP_request_smuggling&action=edit&section=1" title="Edit section: Types"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <div class="mw-heading mw-heading3"><h3 id="CL.TE">CL.TE</h3><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=HTTP_request_smuggling&action=edit&section=2" title="Edit section: CL.TE"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>In this type of HTTP request smuggling, the front end processes the request using Content-Length header while backend processes the request using Transfer-Encoding header.<sup id="cite_ref-portswigger1_2-1" class="reference"><a href="#cite_note-portswigger1-2"><span class="cite-bracket">[</span>2<span class="cite-bracket">]</span></a></sup> The attack would be carried out with the first part of the request declaring a zero length chunk.<sup id="cite_ref-imperva_6-2" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> The front end server seeing this would only read the first part of the request and unintentionally pass the second part to the back end server.<sup id="cite_ref-imperva_6-3" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> Once passed through to the back end server, it would be treated as the next request and processed, carrying out the attackers hidden request.<sup id="cite_ref-imperva_6-4" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading3"><h3 id="TE.CL">TE.CL</h3><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=HTTP_request_smuggling&action=edit&section=3" title="Edit section: TE.CL"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>In this type of HTTP request smuggling, the front end processes request using Transfer-Encoding header while backend processes the request using Content-Length header.<sup id="cite_ref-portswigger1_2-2" class="reference"><a href="#cite_note-portswigger1-2"><span class="cite-bracket">[</span>2<span class="cite-bracket">]</span></a></sup> In this attack, a hacker would declare the valid length of the first chunk, which houses the malicious request and then declare a second chunk with a length of 0.<sup id="cite_ref-imperva_6-5" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> When the front end server sees the second chunk with a length of 0 it believes the request to be complete and passes it along to the back end server.<sup id="cite_ref-imperva_6-6" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> The back end server processes the request using the Content-Length header, however, and as a result the malicious request left in the first chunk go unprocessed until they are treating as being at the start of next request in the sequence and are carried out.<sup id="cite_ref-portswigger1_2-3" class="reference"><a href="#cite_note-portswigger1-2"><span class="cite-bracket">[</span>2<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading3"><h3 id="TE.TE">TE.TE</h3><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=HTTP_request_smuggling&action=edit&section=4" title="Edit section: TE.TE"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>In this type of HTTP request smuggling, the front end and backend both process the request using Transfer-Encoding header, but the header can be obfuscated in a way (for example by nonstandard whitespace formatting or duplicate headers) that makes one of the servers but not the other one ignore it.<sup id="cite_ref-portswigger1_2-4" class="reference"><a href="#cite_note-portswigger1-2"><span class="cite-bracket">[</span>2<span class="cite-bracket">]</span></a></sup> Obscuring the header may take the form of adding in an incorrect character, such as Transfer-Encoding: xchunked, or an unusual new line character between 'Transfer-Encoding' and ': chunked'.<sup id="cite_ref-imperva_6-7" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> If one of the front of back end servers still processes these obfuscated HTTP requests, then the rest of the attack will be similar to how CL.TE or TE.CL attacks work.<sup id="cite_ref-imperva_6-8" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Prevention">Prevention</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=HTTP_request_smuggling&action=edit&section=5" title="Edit section: Prevention"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>The best prevention to these attacks would clearly be if front end and back end servers interpreted HTTP requests the same way. However, this is usually not an option as <a href="/wiki/Load_balancer" class="mw-redirect" title="Load balancer">load balancers</a> support backend servers run on distinct platforms, using different software.<sup id="cite_ref-imperva_6-9" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> Most variants<sup class="noprint Inline-Template" style="white-space:nowrap;">[<i><a href="/wiki/Wikipedia:Citing_sources" title="Wikipedia:Citing sources"><span title="Statement needs to be more specific about the content to which it refers. (May 2023)">specify</span></a></i>]</sup> of this attack can be prevented by using <a href="/wiki/HTTP/2" title="HTTP/2">HTTP/2</a>, as it uses a different method to determine the length of a request. Another method of avoiding the attack is for the frontend server to normalize HTTP requests before passing them to the backend, ensuring that they get interpreted in the same way.<sup id="cite_ref-portswigger1_2-5" class="reference"><a href="#cite_note-portswigger1-2"><span class="cite-bracket">[</span>2<span class="cite-bracket">]</span></a></sup> Configuring a <a href="/wiki/Web_application_firewall" title="Web application firewall">web application firewall</a> is another good way to prevent HRS attacks as many feature technology that identify attack attempts and either blocks or sanitize the suspicious incoming requests.<sup id="cite_ref-imperva_6-10" class="reference"><a href="#cite_note-imperva-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> </p><p>Grenfeldt et al. (2021) found that most front-end web servers (e.g. proxy servers) provided the parsing features for hindering in practice, all the known HRS attacks on the back-end web servers.<sup id="cite_ref-Grenfeldt_et_al._(2021)_7-0" class="reference"><a href="#cite_note-Grenfeldt_et_al._(2021)-7"><span class="cite-bracket">[</span>7<span class="cite-bracket">]</span></a></sup> Huang et al. (2022) proposed a method using <a href="/wiki/Flask_(web_framework)" title="Flask (web framework)">Flask</a> so to implement suitable parsing features that prevent HRS attacks, from a front-end program or web server.<sup id="cite_ref-Huang_et_al._(2022)_8-0" class="reference"><a href="#cite_note-Huang_et_al._(2022)-8"><span class="cite-bracket">[</span>8<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="References">References</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=HTTP_request_smuggling&action=edit&section=6" title="Edit section: References"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <style data-mw-deduplicate="TemplateStyles:r1239543626">.mw-parser-output .reflist{margin-bottom:0.5em;list-style-type:decimal}@media screen{.mw-parser-output .reflist{font-size:90%}}.mw-parser-output .reflist .references{font-size:100%;margin-bottom:0;list-style-type:inherit}.mw-parser-output .reflist-columns-2{column-width:30em}.mw-parser-output .reflist-columns-3{column-width:25em}.mw-parser-output .reflist-columns{margin-top:0.3em}.mw-parser-output .reflist-columns ol{margin-top:0}.mw-parser-output .reflist-columns li{page-break-inside:avoid;break-inside:avoid-column}.mw-parser-output .reflist-upper-alpha{list-style-type:upper-alpha}.mw-parser-output .reflist-upper-roman{list-style-type:upper-roman}.mw-parser-output .reflist-lower-alpha{list-style-type:lower-alpha}.mw-parser-output .reflist-lower-greek{list-style-type:lower-greek}.mw-parser-output .reflist-lower-roman{list-style-type:lower-roman}</style><div class="reflist"> <div class="mw-references-wrap"><ol class="references"> <li id="cite_note-1"><span class="mw-cite-backlink"><b><a href="#cite_ref-1">^</a></b></span> <span class="reference-text"><style data-mw-deduplicate="TemplateStyles:r1238218222">.mw-parser-output cite.citation{font-style:inherit;word-wrap:break-word}.mw-parser-output .citation q{quotes:"\"""\"""'""'"}.mw-parser-output .citation:target{background-color:rgba(0,127,255,0.133)}.mw-parser-output .id-lock-free.id-lock-free a{background:url("//upload.wikimedia.org/wikipedia/commons/6/65/Lock-green.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-limited.id-lock-limited a,.mw-parser-output .id-lock-registration.id-lock-registration a{background:url("//upload.wikimedia.org/wikipedia/commons/d/d6/Lock-gray-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-subscription.id-lock-subscription a{background:url("//upload.wikimedia.org/wikipedia/commons/a/aa/Lock-red-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .cs1-ws-icon a{background:url("//upload.wikimedia.org/wikipedia/commons/4/4c/Wikisource-logo.svg")right 0.1em center/12px no-repeat}body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-free a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-limited a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-registration a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-subscription a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .cs1-ws-icon a{background-size:contain;padding:0 1em 0 0}.mw-parser-output .cs1-code{color:inherit;background:inherit;border:none;padding:inherit}.mw-parser-output .cs1-hidden-error{display:none;color:var(--color-error,#d33)}.mw-parser-output .cs1-visible-error{color:var(--color-error,#d33)}.mw-parser-output .cs1-maint{display:none;color:#085;margin-left:0.3em}.mw-parser-output .cs1-kern-left{padding-left:0.2em}.mw-parser-output .cs1-kern-right{padding-right:0.2em}.mw-parser-output .citation .mw-selflink{font-weight:inherit}@media screen{.mw-parser-output .cs1-format{font-size:95%}html.skin-theme-clientpref-night .mw-parser-output .cs1-maint{color:#18911f}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .cs1-maint{color:#18911f}}</style><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://cwe.mitre.org/data/definitions/444.html">"CWE - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') (4.0)"</a>. <i>cwe.mitre.org</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2020-03-13</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=cwe.mitre.org&rft.atitle=CWE+-+CWE-444%3A+Inconsistent+Interpretation+of+HTTP+Requests+%28%27HTTP+Request+Smuggling%27%29+%284.0%29&rft_id=https%3A%2F%2Fcwe.mitre.org%2Fdata%2Fdefinitions%2F444.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AHTTP+request+smuggling" class="Z3988"></span></span> </li> <li id="cite_note-portswigger1-2"><span class="mw-cite-backlink">^ <a href="#cite_ref-portswigger1_2-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-portswigger1_2-1"><sup><i><b>b</b></i></sup></a> <a href="#cite_ref-portswigger1_2-2"><sup><i><b>c</b></i></sup></a> <a href="#cite_ref-portswigger1_2-3"><sup><i><b>d</b></i></sup></a> <a href="#cite_ref-portswigger1_2-4"><sup><i><b>e</b></i></sup></a> <a href="#cite_ref-portswigger1_2-5"><sup><i><b>f</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://portswigger.net/web-security/request-smuggling">"What is HTTP request smuggling? Tutorial & Examples | Web Security Academy"</a>. <i>portswigger.net</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2020-03-13</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=portswigger.net&rft.atitle=What+is+HTTP+request+smuggling%3F+Tutorial+%26+Examples+%7C+Web+Security+Academy&rft_id=https%3A%2F%2Fportswigger.net%2Fweb-security%2Frequest-smuggling&rfr_id=info%3Asid%2Fen.wikipedia.org%3AHTTP+request+smuggling" class="Z3988"></span></span> </li> <li id="cite_note-HRS-3"><span class="mw-cite-backlink"><b><a href="#cite_ref-HRS_3-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFLinhartKleinHeledOrrin2005" class="citation web cs1">Linhart, Chaim; Klein, Amit; Heled, Ronen; Orrin, Steve (2005). <a rel="nofollow" class="external text" href="https://www.cgisecurity.com/lib/HTTP-Request-Smuggling.pdf">"HTTP request smuggling"</a> <span class="cs1-format">(PDF)</span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=HTTP+request+smuggling&rft.date=2005&rft.aulast=Linhart&rft.aufirst=Chaim&rft.au=Klein%2C+Amit&rft.au=Heled%2C+Ronen&rft.au=Orrin%2C+Steve&rft_id=https%3A%2F%2Fwww.cgisecurity.com%2Flib%2FHTTP-Request-Smuggling.pdf&rfr_id=info%3Asid%2Fen.wikipedia.org%3AHTTP+request+smuggling" class="Z3988"></span></span> </li> <li id="cite_note-mozillatransfer-4"><span class="mw-cite-backlink">^ <a href="#cite_ref-mozillatransfer_4-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-mozillatransfer_4-1"><sup><i><b>b</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Transfer-Encoding">"Transfer-Encoding"</a>. <i>developer.mozilla.org</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2022-12-15</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=developer.mozilla.org&rft.atitle=Transfer-Encoding&rft_id=https%3A%2F%2Fdeveloper.mozilla.org%2Fen-US%2Fdocs%2FWeb%2FHTTP%2FHeaders%2FTransfer-Encoding&rfr_id=info%3Asid%2Fen.wikipedia.org%3AHTTP+request+smuggling" class="Z3988"></span></span> </li> <li id="cite_note-mozillacontentlength-5"><span class="mw-cite-backlink"><b><a href="#cite_ref-mozillacontentlength_5-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Length#:~:text=The%20Content%2DLength%20header%20indicates,bytes%2C%20sent%20to%20the%20recipient.">"Content-Length"</a>. <i>developer.mozilla.org</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2022-12-15</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=developer.mozilla.org&rft.atitle=Content-Length&rft_id=https%3A%2F%2Fdeveloper.mozilla.org%2Fen-US%2Fdocs%2FWeb%2FHTTP%2FHeaders%2FContent-Length%23%3A~%3Atext%3DThe%2520Content%252DLength%2520header%2520indicates%2Cbytes%252C%2520sent%2520to%2520the%2520recipient.&rfr_id=info%3Asid%2Fen.wikipedia.org%3AHTTP+request+smuggling" class="Z3988"></span></span> </li> <li id="cite_note-imperva-6"><span class="mw-cite-backlink">^ <a href="#cite_ref-imperva_6-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-imperva_6-1"><sup><i><b>b</b></i></sup></a> <a href="#cite_ref-imperva_6-2"><sup><i><b>c</b></i></sup></a> <a href="#cite_ref-imperva_6-3"><sup><i><b>d</b></i></sup></a> <a href="#cite_ref-imperva_6-4"><sup><i><b>e</b></i></sup></a> <a href="#cite_ref-imperva_6-5"><sup><i><b>f</b></i></sup></a> <a href="#cite_ref-imperva_6-6"><sup><i><b>g</b></i></sup></a> <a href="#cite_ref-imperva_6-7"><sup><i><b>h</b></i></sup></a> <a href="#cite_ref-imperva_6-8"><sup><i><b>i</b></i></sup></a> <a href="#cite_ref-imperva_6-9"><sup><i><b>j</b></i></sup></a> <a href="#cite_ref-imperva_6-10"><sup><i><b>k</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.imperva.com/learn/application-security/http-request-smuggling/#:~:text=An%20HTTP%20request%20smuggling%20vulnerability,through%20a%20malicious%20HTTP%20query">"HTTP Request Smuggling"</a>. <i>imperva.com</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2022-12-15</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=imperva.com&rft.atitle=HTTP+Request+Smuggling&rft_id=https%3A%2F%2Fwww.imperva.com%2Flearn%2Fapplication-security%2Fhttp-request-smuggling%2F%23%3A~%3Atext%3DAn%2520HTTP%2520request%2520smuggling%2520vulnerability%2Cthrough%2520a%2520malicious%2520HTTP%2520query&rfr_id=info%3Asid%2Fen.wikipedia.org%3AHTTP+request+smuggling" class="Z3988"></span></span> </li> <li id="cite_note-Grenfeldt_et_al._(2021)-7"><span class="mw-cite-backlink"><b><a href="#cite_ref-Grenfeldt_et_al._(2021)_7-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGrenfeldtOlofssonEngströmLagerström2021" class="citation conference cs1">Grenfeldt M, Olofsson A, Engström V, Lagerström R (2021). "Attacking websites using HTTP request smuggling: empirical testing of servers and proxies". <i>2021 IEEE 25th international enterprise distributed object computing conference (EDOC)</i>. Australia: IEEE. pp. 173–181. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.1109%2FEDOC52215.2021.00028">10.1109/EDOC52215.2021.00028</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=conference&rft.atitle=Attacking+websites+using+HTTP+request+smuggling%3A+empirical+testing+of+servers+and+proxies&rft.btitle=2021+IEEE+25th+international+enterprise+distributed+object+computing+conference+%28EDOC%29&rft.place=Australia&rft.pages=173-181&rft.pub=IEEE&rft.date=2021&rft_id=info%3Adoi%2F10.1109%2FEDOC52215.2021.00028&rft.aulast=Grenfeldt&rft.aufirst=M&rft.au=Olofsson%2C+A&rft.au=Engstr%C3%B6m%2C+V&rft.au=Lagerstr%C3%B6m%2C+R&rfr_id=info%3Asid%2Fen.wikipedia.org%3AHTTP+request+smuggling" class="Z3988"></span></span> </li> <li id="cite_note-Huang_et_al._(2022)-8"><span class="mw-cite-backlink"><b><a href="#cite_ref-Huang_et_al._(2022)_8-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHuangChiuChenSun2022" class="citation journal cs1">Huang Q, Chiu M, Chen Y, Sun H (2022). <a rel="nofollow" class="external text" href="https://doi.org/10.1155%2F2022%2F3121177">"Attacking websites: detecting and preventing HTTP request smuggling attacks"</a>. <i>Security and Communication Networks</i>. <b>2022</b>: 1–14. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<span class="id-lock-free" title="Freely accessible"><a rel="nofollow" class="external text" href="https://doi.org/10.1155%2F2022%2F3121177">10.1155/2022/3121177</a></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Security+and+Communication+Networks&rft.atitle=Attacking+websites%3A+detecting+and+preventing+HTTP+request+smuggling+attacks&rft.volume=2022&rft.pages=1-14&rft.date=2022&rft_id=info%3Adoi%2F10.1155%2F2022%2F3121177&rft.aulast=Huang&rft.aufirst=Q&rft.au=Chiu%2C+M&rft.au=Chen%2C+Y&rft.au=Sun%2C+H&rft_id=https%3A%2F%2Fdoi.org%2F10.1155%252F2022%252F3121177&rfr_id=info%3Asid%2Fen.wikipedia.org%3AHTTP+request+smuggling" class="Z3988"></span></span> </li> </ol></div></div> <!-- NewPP limit report Parsed by mw‐web.codfw.main‐f69cdc8f6‐xz5ct Cached time: 20241122153152 Cache expiry: 2592000 Reduced expiry: false Complications: [vary‐revision‐sha1, show‐toc] CPU time usage: 0.372 seconds Real time usage: 0.461 seconds Preprocessor visited node count: 880/1000000 Post‐expand include size: 23243/2097152 bytes Template argument size: 701/2097152 bytes Highest expansion depth: 12/100 Expensive parser function count: 1/500 Unstrip recursion depth: 1/20 Unstrip post‐expand size: 42056/5000000 bytes Lua time usage: 0.262/10.000 seconds Lua memory usage: 4802521/52428800 bytes Number of Wikibase entities loaded: 0/400 --> <!-- Transclusion expansion time report (%,ms,calls,template) 100.00% 418.566 1 -total 34.96% 146.337 1 Template:Reflist 33.13% 138.674 1 Template:HTTP 32.40% 135.606 1 Template:Sidebar 27.27% 114.143 6 Template:Cite_web 20.55% 86.034 1 Template:Short_description 12.77% 53.466 2 Template:Pagetype 8.51% 35.633 1 Template:Specify 7.44% 31.148 1 Template:Fix 4.87% 20.397 3 Template:Main_other --> <!-- Saved in parser cache with key enwiki:pcache:idhash:63364132-0!canonical and timestamp 20241122153152 and revision id 1244845542. Rendering was triggered because: page-view --> </div><!--esi <esi:include src="/esitest-fa8a495983347898/content" /> --><noscript><img src="https://login.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1" alt="" width="1" height="1" style="border: none; position: absolute;"></noscript> <div class="printfooter" data-nosnippet="">Retrieved from "<a dir="ltr" href="https://en.wikipedia.org/w/index.php?title=HTTP_request_smuggling&oldid=1244845542">https://en.wikipedia.org/w/index.php?title=HTTP_request_smuggling&oldid=1244845542</a>"</div></div> <div id="catlinks" class="catlinks" data-mw="interface"><div id="mw-normal-catlinks" class="mw-normal-catlinks"><a href="/wiki/Help:Category" title="Help:Category">Categories</a>: <ul><li><a href="/wiki/Category:Web_security_exploits" title="Category:Web security exploits">Web security exploits</a></li><li><a href="/wiki/Category:Hypertext_Transfer_Protocol_headers" title="Category:Hypertext Transfer Protocol headers">Hypertext Transfer Protocol headers</a></li></ul></div><div id="mw-hidden-catlinks" class="mw-hidden-catlinks mw-hidden-cats-hidden">Hidden categories: <ul><li><a href="/wiki/Category:Articles_with_short_description" title="Category:Articles with short description">Articles with short description</a></li><li><a href="/wiki/Category:Short_description_matches_Wikidata" title="Category:Short description matches Wikidata">Short description matches Wikidata</a></li><li><a href="/wiki/Category:Articles_needing_more_detailed_references" title="Category:Articles needing more detailed references">Articles needing more detailed references</a></li></ul></div></div> </div> </main> </div> <div class="mw-footer-container"> <footer id="footer" class="mw-footer" > <ul id="footer-info"> <li id="footer-info-lastmod"> This page was last edited on 9 September 2024, at 15:03<span class="anonymous-show"> (UTC)</span>.</li> <li id="footer-info-copyright">Text is available under the <a href="/wiki/Wikipedia:Text_of_the_Creative_Commons_Attribution-ShareAlike_4.0_International_License" title="Wikipedia:Text of the Creative Commons Attribution-ShareAlike 4.0 International License">Creative Commons Attribution-ShareAlike 4.0 License</a>; additional terms may apply. By using this site, you agree to the <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use" class="extiw" title="foundation:Special:MyLanguage/Policy:Terms of Use">Terms of Use</a> and <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy" class="extiw" title="foundation:Special:MyLanguage/Policy:Privacy policy">Privacy Policy</a>. Wikipedia® is a registered trademark of the <a rel="nofollow" class="external text" href="https://wikimediafoundation.org/">Wikimedia Foundation, Inc.</a>, a non-profit organization.</li> </ul> <ul id="footer-places"> <li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy policy</a></li> <li id="footer-places-about"><a href="/wiki/Wikipedia:About">About Wikipedia</a></li> <li id="footer-places-disclaimers"><a href="/wiki/Wikipedia:General_disclaimer">Disclaimers</a></li> <li id="footer-places-contact"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us">Contact Wikipedia</a></li> <li id="footer-places-wm-codeofconduct"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Universal_Code_of_Conduct">Code of Conduct</a></li> <li id="footer-places-developers"><a href="https://developer.wikimedia.org">Developers</a></li> <li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/en.wikipedia.org">Statistics</a></li> <li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement">Cookie statement</a></li> <li id="footer-places-mobileview"><a href="//en.m.wikipedia.org/w/index.php?title=HTTP_request_smuggling&mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li> </ul> <ul id="footer-icons" class="noprint"> <li id="footer-copyrightico"><a href="https://wikimediafoundation.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/static/images/footer/wikimedia-button.svg" width="84" height="29" alt="Wikimedia Foundation" loading="lazy"></a></li> <li id="footer-poweredbyico"><a href="https://www.mediawiki.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/w/resources/assets/poweredby_mediawiki.svg" alt="Powered by MediaWiki" width="88" height="31" loading="lazy"></a></li> </ul> </footer> </div> </div> </div> <div class="vector-settings" id="p-dock-bottom"> <ul></ul> </div><script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgHostname":"mw-web.codfw.main-f69cdc8f6-gxw57","wgBackendResponseTime":214,"wgPageParseReport":{"limitreport":{"cputime":"0.372","walltime":"0.461","ppvisitednodes":{"value":880,"limit":1000000},"postexpandincludesize":{"value":23243,"limit":2097152},"templateargumentsize":{"value":701,"limit":2097152},"expansiondepth":{"value":12,"limit":100},"expensivefunctioncount":{"value":1,"limit":500},"unstrip-depth":{"value":1,"limit":20},"unstrip-size":{"value":42056,"limit":5000000},"entityaccesscount":{"value":0,"limit":400},"timingprofile":["100.00% 418.566 1 -total"," 34.96% 146.337 1 Template:Reflist"," 33.13% 138.674 1 Template:HTTP"," 32.40% 135.606 1 Template:Sidebar"," 27.27% 114.143 6 Template:Cite_web"," 20.55% 86.034 1 Template:Short_description"," 12.77% 53.466 2 Template:Pagetype"," 8.51% 35.633 1 Template:Specify"," 7.44% 31.148 1 Template:Fix"," 4.87% 20.397 3 Template:Main_other"]},"scribunto":{"limitreport-timeusage":{"value":"0.262","limit":"10.000"},"limitreport-memusage":{"value":4802521,"limit":52428800}},"cachereport":{"origin":"mw-web.codfw.main-f69cdc8f6-xz5ct","timestamp":"20241122153152","ttl":2592000,"transientcontent":false}}});});</script> <script type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"Article","name":"HTTP request smuggling","url":"https:\/\/en.wikipedia.org\/wiki\/HTTP_request_smuggling","sameAs":"http:\/\/www.wikidata.org\/entity\/Q96380193","mainEntity":"http:\/\/www.wikidata.org\/entity\/Q96380193","author":{"@type":"Organization","name":"Contributors to Wikimedia projects"},"publisher":{"@type":"Organization","name":"Wikimedia Foundation, Inc.","logo":{"@type":"ImageObject","url":"https:\/\/www.wikimedia.org\/static\/images\/wmf-hor-googpub.png"}},"datePublished":"2020-03-13T16:18:55Z","dateModified":"2024-09-09T15:03:04Z","image":"https:\/\/upload.wikimedia.org\/wikipedia\/commons\/5\/5b\/HTTP_logo.svg","headline":"web security vulnerability"}</script> </body> </html>