Web application set cookie based on a GET paramater. Is it vulnerable?
In my web application I take the GET paramater x and I store it in a cookie after URL-encoding it (so there is no HTTP response splitting). Some people say that this can be abused to cause DOS, but I can’t find any explanaiti… Continue reading Web application set cookie based on a GET paramater. Is it vulnerable?