
Injection: CRLF Injection

Identifier: crlf

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner

Description

CRLF injection happens when an attacker tricks your system into inserting unintended carriage return (CR, 0x0D) and line feed (LF, 0x0A) characters into HTTP headers. Because CRLF terminates a header line, this lets them end one header and start another, potentially giving them the power to craft rogue requests or inject malicious headers. The risk is significant because it can lead to altered responses, redirections, or even sensitive data leaks if the attacker controls parts of the HTTP exchange. Developers often fall into this pitfall by not properly sanitizing inputs that end up in headers, assuming that trusted data won't include newline characters. It's a sharp reminder to always clean and validate any data used in constructing HTTP responses.
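The following is an added example (not part of this scanner's code or of the original page) showing the pitfall described above and the fix: a redirect handler that concatenates a user-supplied value into a Location header, next to a hardened variant that rejects any value containing CR or LF. The function names, the tiny header parser used to show the effect, and the sample input are all constructed for illustration.

```python
import re
from typing import List, Tuple
from urllib.parse import unquote

# Any raw CR or LF inside a header value terminates the header line early.
CRLF_RE = re.compile(r"[\r\n]")


class HeaderInjectionError(ValueError):
    """Raised when a header value would break out of its header line."""


def build_response_unsafe(location: str) -> bytes:
    """Vulnerable pattern: the user-controlled value is dropped straight into
    the header block with no check for CR/LF characters."""
    return (
        "HTTP/1.1 302 Found\r\n"
        f"Location: {location}\r\n"
        "\r\n"
    ).encode("latin-1")


def sanitize_header_value(value: str) -> str:
    """Reject (rather than silently strip) a value that contains CR or LF.
    Rejecting makes the attempt visible in application logs instead of
    quietly producing a truncated header."""
    if CRLF_RE.search(value):
        raise HeaderInjectionError("header value contains CR/LF")
    return value


def build_response_safe(location: str) -> bytes:
    """Hardened variant: same output for clean input, exception otherwise."""
    return build_response_unsafe(sanitize_header_value(location))


def header_value_from_query(raw_param: str) -> str:
    """Values often arrive percent-encoded (%0D%0A). Validate after decoding,
    otherwise the check sees no literal CR/LF and passes the value through."""
    return sanitize_header_value(unquote(raw_param))


def parse_headers(raw: bytes) -> List[Tuple[str, str]]:
    """Minimal header-block splitter, used only to show how many headers the
    server would actually emit for a given input."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    headers = []
    for line in lines[1:]:  # skip the status line
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return headers


# Constructed sample input: a path followed by an embedded CRLF and a
# second, attacker-chosen header line.
CONSTRUCTED_INJECTED = "/home\r\nX-Injected: 1"

if __name__ == "__main__":
    # The unsafe builder emits two headers from one "Location" value.
    print(parse_headers(build_response_unsafe(CONSTRUCTED_INJECTED)))
    # The safe builder refuses it.
    try:
        build_response_safe(CONSTRUCTED_INJECTED)
    except HeaderInjectionError as exc:
        print("rejected:", exc)
```

The same rule applies to every header a response builds from request data (Set-Cookie, Content-Disposition, custom headers): validate once, after any decoding step, at the point where the value enters the header. Most mature HTTP frameworks already raise on CR/LF in header values; the vulnerable pattern shows up when code bypasses those APIs and writes the header block by hand.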

References:

Configuration

Example

Example configuration:

---
security_tests:
  crlf:
    assets_allowed:
    - REST
    - GRAPHQL
    skip: false

Reference

assets_allowed

Type : List[AssetType]*

List of assets that this check will cover.

skip

Type : boolean

Skip the test if true.