Security Basics mailing list archives

ratproxy questions

From: Andre Rodrigues <acastanheira2001 () yahoo com br>
Date: Tue, 3 Feb 2009 12:15:29 -0800 (PST)

Hi,

I need to explain the issues reported by ratproxy. Does anyone can explain  in detail what the following risks mean?

1- POST query with no XSRF protection.

2- Bad caching headers.

3- Ambiguous HTTP content headers.

4- Risky Javascript code.

5- MIME type mismatch on renderable file.

6- MIME type missing.

7- File name in query parameters.

8- Bad or no charset declared for renderable file.

9- Request splitting candidates.

10- GET query with no XSRF protection.



Thanks,
André

Current thread:

ratproxy questions Andre Rodrigues (Feb 03)
- <Possible follow-ups>
- Re: ratproxy questions cryppy (Feb 09)
  - Re: ratproxy questions Andre Rodrigues (Feb 10)