|
|
IIS Bad Request BUG(IIS的错误的请求BUG)
文章出处:WoYiGui's BLoG
GET /%0A%0D HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; zh-CN; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.1 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cache-Control: max-age=0
HTTP/1.x 400 Bad Request
Content-Type: text/html
Date: Fri, 07 Aug 2009 04:12:39 GMT
Connection: close
Content-Length: 34
GET部分未进行 UrlEncode造成Bad Request。同时 header() 注入%0d%0a 时也可用 UrEncode() 进行解决 |
|
发表于 2009-8-10 09:57:11