HTTP Response Smuggling

HTTP Response Smuggling is a technique that attackers use to manipulate and inject malicious content in the form of unauthorized HTTP responses, into a single HTTP response from a vulnerable or compromised back-end HTTP agent.

In the maliciously manipulated HTTP response, an attacker can add duplicate header fields that HTTP agents interpret as belonging to separate responses. The combined HTTP response ends up being parsed or interpreted as two or more HTTP responses by the targeted client HTTP agent. This allows malicious HTTP responses to bypass security controls.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center