R-049: HTTP Header Injection Vulnerabilities in Adobe Flash Player
These vulnerabilities would allow remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks. The risk is LOW. These vulnerabilities would allow remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks. The flexibility of the attack varies depending on the type of web browser being used.
HTTP::Request(3) User Contributed Perl Documentation HTTP::Request(3)NAME
HTTP::Request - Class encapsulating HTTP Requests
SYNOPSIS
require HTTP::Request;
$request = HTTP::Request->new(GET => 'http://www.oslo.net/');
DESCRIPTION
"HTTP::Request" is a class encapsulating HTTP style requests, consisting of a request line, some headers, and some (potentially empty) con-
tent. Note that the LWP library also uses this HTTP style requests for non-HTTP protocols.
Instances of this class are usually passed to the "request()" method of an "LWP::UserAgent" object:
$ua = LWP::UserAgent->new;
$request = HTTP::Request->new(GET => 'http://www.oslo.net/');
$response = $ua->request($request);
"HTTP::Request" is a subclass of "HTTP::Message" and therefore inherits its methods. The inherited methods most often used are header(),
push_header(), remove_header(), and content(). See HTTP::Message for details.
The following additional methods are available:
$r = HTTP::Request->new($method, $uri)
$r = HTTP::Request->new($method, $uri, $header)
$r = HTTP::Request->new($method, $uri, $header, $content)
Constructs a new "HTTP::Request" object describing a request on the object $uri using method $method. The $uri argument can be either
a string, or a reference to a "URI" object. The optional $header argument should be a reference to an "HTTP::Headers" object. The
optional $content argument should be a string.
$r->method([$val])
$r->uri([$val])
These methods provide public access to the attributes containing respectively the method of the request and the URI object of the
request.
If an argument is given the attribute is given that as its new value. If no argument is given the value is not touched. In either case
the previous value is returned.
The method() method argument should be a string.
The uri() method accept both a reference to a URI object and a string as its argument. If a string is given, then it should be
parseable as an absolute URI.
$r->as_string()
Method returning a textual representation of the request. Mainly useful for debugging purposes. It takes no arguments.
SEE ALSO
HTTP::Headers, HTTP::Message, HTTP::Request::Common
COPYRIGHT
Copyright 1995-2001 Gisle Aas.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
libwww-perl-5.65 2001-11-15 HTTP::Request(3)