Difference between revisions of "Cross Site Tracing"
|Line 45:||Line 45:|
Revision as of 14:06, 10 September 2008
ASDR Table of Contents
This type of attack can occur when the there is an XSS vulnerability and the server supports HTTP TRACE.
Related Threat Agents
- Disable HTTP Trace on your web server
- Prevent any XSS on your web site
- Cross-Site Tracing (XST): http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
- Testing for HTTP Methods and XST