2009 May 21
"HTTP Parameter Pollution" and Rails
...vers/backends behave differently when
handling requests such as

GET /foo?par1=val1&par1=val2 HTTP/1.1
User-Agent: Mozilla/5.0
Host: Host
Accept: */*

POST /foo HTTP/1.1
User-Agent: Mozilla/5.0
Host: Host
Accept: */*
Content-Length: 19

par1=val1&par1=val2c

The point is that the same key (here par1) occurs with two or more
values. They document both server- and client-side attacks based on this.
On page 9 the presentation lists many HTTP servers/backends, but not
Rails (instead, the Linksys Wireless-G PTZ Internet Camera is
included:-). I believe Rai...