"Upgrade-Insecure-Request: 1" 的意思是什么?

huangapple go评论135阅读模式
英文:

What does "Upgrade-Insecure-Request: 1" mean?

问题

我是新手赏金猎人。我想在构建移动应用和Web应用之前先了解网络安全。我正在寻找漏洞,并决定拦截HTTP流量,结果看到了"Upgrade-Insecure-Request"。我能够利用这个漏洞吗?

英文:

I am new to bug bounties. I want to understand cyber security first before building mobile and web apps. I am looking for bugs and decided to intercept the http traffic and ended up seeing Upgrade-Insecure-Request. Can I exploit this?

答案1

得分: 0

根据 Mozilla 文档:

HTTP Upgrade-Insecure-Requests 请求头发送一个信号给服务器,表示客户端偏好获得加密和经过身份验证的响应,并且可以成功处理 the upgrade-insecure-requests CSP 指令。

详细信息请参考:https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests

英文:

Per Mozilla:

The HTTP Upgrade-Insecure-Requests request header sends a signal to the server expressing the client's preference for an encrypted and authenticated response, and that it can successfully handle the upgrade-insecure-requests CSP directive.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests

huangapple
  • 本文由 发表于 2023年5月28日 02:55:10
  • 转载请务必保留本文链接:https://go.coder-hub.com/76348532.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定