Hello,
Minor:
11. HTTP response splitting attack protection: Replace \r and \n with
space in header();
Information and patches implementing this can be found at
http://cschneid.com/php/
Your patches are problematic when a proxy kills overlong header lines
that were not split up by the client onto multiple lines. Therefore \r\n
followed by whitespace should not be replaced with spaces..Otherwise
this could destroy legit functionality.
A similiar patch for this is in Hardening-Patch above 0.3.x
Ohh and btw: this is not a minor point, because it completely kills the
whole attack class for PHP applications with 3-5 lines of code.
Stefan Esser
--
--------------------------------------------------------------------------
Stefan Esser [EMAIL PROTECTED]
Hardened-PHP Project http://www.hardened-php.net/
GPG-Key gpg --keyserver pgp.mit.edu --recv-key 0x15ABDA78
Key fingerprint 7806 58C8 CFA8 CE4A 1C2C 57DD 4AE1 795E 15AB DA78
--------------------------------------------------------------------------
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
