[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] XST

From: Frederic Charpentier <fcharpen@xxxxxxxxxxxxxxxx>
Subject: [WEB SECURITY] XST
Date: Tue, 21 Mar 2006 10:31:24 +0100

hi all, I am wondering if someone knowns a way to perform a xmlhttp request with TRACE on an iexplore 6 SP1. Microsoft seems to block the use of the open("TRACE",url,false").

I saw on this list that IE can be tricked using open("\r\nTRACE",url,false), but it doesn't work with the http server I use (cisco web vpn gateway).

So, if there's another way to do that ...

--
Frederic Charpentier - Xmco Partners
Security Consulting / Pentest
web  : http://www.xmcopartners.com/tests-intrusion.html


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/

Follow-Ups:
- Re: [WEB SECURITY] XST
  - From: Amit Klein (AKsecurity)

References:
- [WEB SECURITY] How to Create Secure Web Applications with Struts
  - From: bugtraq
- Re: [WEB SECURITY] How to Create Secure Web Applications with Struts
  - From: Stephen de Vries
- Re: [WEB SECURITY] How to Create Secure Web Applications with Struts
  - From: George Capehart

Prev by Date: Re: [WEB SECURITY] How to Create Secure Web Applications with Struts
Next by Date: Re: [WEB SECURITY] How to Create Secure Web Applications with Struts
Previous by thread: Re: [WEB SECURITY] How to Create Secure Web Applications with Struts
Next by thread: Re: [WEB SECURITY] XST
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org