Normalization
Header Normalization
Header normalization tests check what happens when a server accepts a malformed header rather than rejecting it. The /echo endpoint reflects received headers back in the response body, letting Http11Probe see whether the server:
- Normalized the header name to its standard form (smuggling risk — a proxy chain member may interpret it differently)
- Preserved the original malformed name (mild proxy-chain risk)
- Dropped the header entirely (safe)
Some tests are unscored (marked with
*). These cover behaviors like case normalization that are RFC-compliant and common across servers.Server Name
Click to view Dockerfile and source code
Click to view Dockerfile and source code
Table Row
Click to expand all results for that server
Click to expand all results for that server
Result Cell
Click to see the full HTTP request and response
Click to see the full HTTP request and response
Loading...