Misusing HTTP Status codes

  • Posted on: 2 February 2011
  • By: teknikqa

This is not what HTTP Status codes are intended for:
https://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information

Useful, but creepy!

Credit: Bruce Schneier (http://www.schneier.com/blog/archives/2011/02/hacking_http_st.html)