Inspection and Sanitization Guidance for HyperText Transport Protocol (HTTP)

Abstract: The purpose of this document is to provide guidance for the development of an inspection and sanitization software tool for the HyperText Transport Protocol (HTTP). It introduces the syntax of the protocol and then discusses the components that have data hiding, data attack, and data disclosure risks. This document provides an analysis of these components and recommendations to mitigate their risks.

Date Published:

Last Reviewed: 11 December 2017

Identifier: U/OO/234038-17

Dissemination Control: N/A

Format: pdf

Type: Reference/Overview; Report

Tags: National Security Agency - NSA; Cyber; Guidance; Exploitation; Vulnerability; Data