[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] Technical Note by Amit Klein: "XST Strikes Back"

From: "Amit Klein (AKsecurity)" <aksecurity@xxxxxxxxxx>
Subject: Re: [WEB SECURITY] Technical Note by Amit Klein: "XST Strikes Back"
Date: Wed, 25 Jan 2006 20:22:52 +0200

On 25 Jan 2006 at 8:58, Jeremiah Grossman wrote:

> FYI:
> 
> I tested TRACE and TRACK using the following code in Firefox 1.5 and  
> Mozilla 1.7.12. Both browsers deny TRACE and allow TRACK. I also  
> tried several variations to get a TRACE request to send, but no luck.
> 

Yep, I tried TRACE with Firefox > 1.0.6 - no luck. So far...

> My guess is TRACK doesn't matter in this case because proxies  
> probably do not support the request method.
>

My guess as well, which is why I focused on TRACE (only).


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/

References:
- [WEB SECURITY] Technical Note by Amit Klein: "XST Strikes Back"
  - From: Amit Klein (AKsecurity)
- Re: [WEB SECURITY] Technical Note by Amit Klein: "XST Strikes Back"
  - From: Jeremiah Grossman

Prev by Date: RE: [WEB SECURITY] Technical Note by Amit Klein: "XST Strikes Back"
Next by Date: Re: [WEB SECURITY] Technical Note by Amit Klein: "XST Strikes Back"
Previous by thread: Re: [WEB SECURITY] Technical Note by Amit Klein: "XST Strikes Back"
Next by thread: Re: [WEB SECURITY] Technical Note by Amit Klein: "XST Strikes Back"
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site