Misusing HTTP Status codes

Posted by teknikqa on Wed, 02/02/2011 - 17:08

This is not what HTTP Status codes are intended for:
https://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information

Useful, but creepy!

Credit: Bruce Schneier (http://www.schneier.com/blog/archives/2011/02/hacking_http_st.html)

Tags: