There are many types of things one can do with HTTP Request Smuggling, is this an attack where header theft, cache poisoning or even response queue poisoning is possible?
What are the possible damage scenarios? And finally I wonder what the restrictions of this issue are Does it work over HTTP/2 or HTTP/1.1 or both? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
