bjhampe
Posted April 27, 2010

I have tried a few things to resolve the McAfee Secure alert for the HTTP Response Splitting vulnerability that keeps popping up. The solution that seems to be floating around is to add in the following code:

    // FIX for HTTP splitting vuln
    // See http://www.gulftech.org/?node=research&article_id=00080-06102005
    $url = eregi_replace("[\r\n]+(.*)$", "", $url);
    // END fix

That did not resolve this issue as McAfee is looking to remove all variations of the LF/CR so after reading up on some PHP, I modified the code to this:

    $url = str_replace(array("\r\n","\n\r", "\r", "\n", "%0D%0A","%0A%0D","%0D","%0A","\R\N","\N\R", "\R", "\N", "%0d%0a","%0a%0d","%0d","%0a","%0d%0A","%0D%0a"), '', $url);

This however is appearing to not work as McAfee is still able to insert the LF/CR. Can someone point me in the right direction as to what I am missing?

Thank you.
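An alternative to stripping CR/LF variants one by one, as an added example that is not part of the original post or of the code it quotes: refuse any redirect target that contains a control character, raw or percent-encoded, and accept only same-site paths or allowlisted hosts. The function names, the `shop.example` allowlist and the sample inputs are assumptions made for illustration; PHP 7 or later is assumed.

```php
<?php
// Added example, not from the original post. Function names and the host
// allowlist are hypothetical; the sample inputs at the bottom are constructed.

// True if $s contains an ASCII control character (CR and LF included),
// either as-is or after percent-decoding, checked through nested encodings.
function has_control_chars(string $s): bool
{
    for ($i = 0; $i < 5; $i++) {
        if (preg_match('/[\x00-\x1F\x7F]/', $s) === 1) {
            return true;
        }
        $decoded = rawurldecode($s);
        if ($decoded === $s) {
            return false;          // fully decoded, nothing found
        }
        $s = $decoded;
    }
    return true;                   // still changing after 5 rounds: refuse
}

// Returns $url when it is safe to place in a Location header, otherwise
// $fallback. The value is rejected as a whole, never "cleaned".
function safe_redirect_target(string $url, array $allowedHosts, string $fallback = '/'): string
{
    if ($url === '' || has_control_chars($url)) {
        return $fallback;
    }
    // Same-site path: exactly one leading slash, no backslashes anywhere.
    if (preg_match('#^/(?![/\\\\])[^\\\\]*$#', $url) === 1) {
        return $url;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return $fallback;
    }
    $scheme = strtolower($parts['scheme']);
    $host   = strtolower($parts['host']);
    if (!in_array($scheme, ['http', 'https'], true) || !in_array($host, $allowedHosts, true)) {
        return $fallback;
    }
    return $url;
}

// Constructed sample inputs: two acceptable targets and three rejected ones.
$hosts = ['shop.example'];
foreach (['/account.php?page=2', 'https://shop.example/cart', "/index.php\r\nX-Test: 1", '/index.php%0d%0aX-Test: 1', 'https://other.example/'] as $s) {
    echo json_encode($s), ' => ', safe_redirect_target($s, $hosts), "\n";
}
```

The returned value is what goes into the redirect, for example `header('Location: ' . safe_redirect_target($url, $hosts));`.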