cookie bomb - how to protect?
nginx-forum at nginx.us
Sun Jan 19 16:06:58 UTC 2014
very interesting read:
from thze blogpost:
"TL;DR I can craft a page "polluting" CDNs, blogging platforms and other
major networks with my cookies. Your browser will keep sending those cookies
and servers will reject the requests, because Cookie header will be very
long. The entire Internet will look down to you.
I have no idea if it's a known trick, but I believe it should be fixed.
Severity: depends. I checked only with Chrome.
We all know a cookie can only contain 4k of data.
How many cookies can I creates? **Many!**
What cookies is browser going to send with every request? **All of them!**
How do servers usually react if the request is too long? **They don't
i checked it, and it works, i get the following error back:
400 Bad Request
Request Header Or Cookie Too Large
my question: is there a generic way to check the size of such headers like
and to cut them off, or should we live with such malicious intent?
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,246597,246597#msg-246597
More information about the nginx