bjhampe Posted April 20, 2010 Share Posted April 20, 2010 I have tried a few things to resolve the McAfee Secure alert for the HTTP Response Splitting vulnurability that keeps popping up. The solution that seems to be floating around is to add in the following code: // FIX for HTTP splitting vuln // See http://www.gulftech.org/?node=research&article_id=00080-06102005 $url = eregi_replace("[\r\n]+(.*)$", "", $url); // END fix McAfee wants to filter all of these: %0D %0A %0D%0A \r \n \r\n Can anyone help with the code modification for that? Thank you. Link to comment Share on other sites More sharing options...
bjhampe Posted April 22, 2010 Author Share Posted April 22, 2010 Well apparently, I am going to have to start looking for a new shopping cart software as the last few topics that I have posted don't seem to be getting anywhere. I understand that it is free software but the support used to be pretty good. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.