HTTP Response Splitting Vulnerability

Description

This code directly writes an HTTP parameter to an HTTP header, which allows for a HTTP response splitting vulnerability.

Examples

Insecure Code

response.setHeader("Location", request.getParameter("redirect"));

Secure Code

response.setHeader("Location", Encode.forUriComponent(request.getParameter("redirect")));

Remediation

Validate and sanitize user input before writing it to HTTP headers. Use a library like OWASP ESAPI to encode user input for HTTP headers.

Rule Details

Field	Value
ID	CODE-0013
Category	Injection
Severity	HIGH
CWE	CWE-113
Confidence	HIGH
Impact	HIGH
Likelihood	MEDIUM
Exploitability	EASY
Tags	http, response splitting
OWASP	N/A

---