June 2013

Update to ResponseCoder

An update to ResponseCoder is available to allow manipulation of the HTTP version header - some examples are listed below:

HTTP/1.2 200 OK
HTTP/12345 200 OK
BLAH/1.1 200 OK

A quick test shows all three of the above examples work in the current version of Chrome, Internet Explorer supports the first two cases, whilst Firefox rejects all of them (displaying even the headers in the browser window).

ResponseCoder - Manipulation of HTTP Response Headers

ResponseCoder is designed to allow you to easily manipulate HTTP response headers - specifically to identify weaknesses in perimeter filtering appliances such as web proxies and next generation firewalls. It’s an open source PHP script that formulates HTTP response headers on-the-fly, allowing the operator to form specific test cases as necessary.