pub enum AuthHeaderVariant {
    LowercaseScheme,
    NoWhitespaceAfterScheme,
    TabBetweenSchemeAndToken,
    MultipleSpacesAfterScheme,
    DuplicateHeaderFirstWinsBenign,
    QuotedScheme,
    TrailingJunkAfterToken,
    ControlByteInToken,
}
Authorization-header smuggle variants.
Variants
LowercaseScheme
bearer <token> — lowercase scheme. RFC 7235 §2.1 says
case-insensitive; some WAFs match literally and miss it.
NoWhitespaceAfterScheme
Bearer<token> — no whitespace between scheme and token.
RFC says 1*SP; some lenient parsers join them.
TabBetweenSchemeAndToken
Bearer\t<token> — TAB instead of SP between scheme and
token. RFC 5234 allows SP only in 1*SP; lax parsers accept
any LWS.
MultipleSpacesAfterScheme
Bearer   <token> — multiple spaces (3-7 chosen randomly)
instead of 1*SP. Some strict parsers reject; most accept.
DuplicateHeaderFirstWinsBenign
Two Authorization: header lines with different tokens.
header_lines returns both. WAF takes first; origin may
take last → privilege escalation differential.
QuotedScheme
"Bearer" <token> — scheme wrapped in double quotes. Strict
RFC rejects; some lax parsers strip.
TrailingJunkAfterToken
Bearer <token> trailing junk — extra bytes after the
token. Most parsers stop at whitespace; WAFs scanning the
whole value see the trailing payload.
ControlByteInToken
Bearer <token-with-ctl-byte> — control byte inserted into
the token. Strict parsers reject; lax parsers strip.
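Each variant above only matters when two hops parse the same header differently, so a defensive counterpart is a check that accepts one canonical form and names the deviation otherwise. The following is an added example, not code from this crate: `Reject` and `strict_bearer` are hypothetical names, the scheme is matched case-insensitively, and requiring exactly one SP is a policy choice of the example.

```rust
// Added example; `Reject` and `strict_bearer` are hypothetical names.
#[derive(Debug, PartialEq)]
pub enum Reject {
    NotBearer, Duplicate, QuotedScheme, NoSeparator, NonSpSeparator,
    MultipleSpaces, TrailingJunk, ControlByte, BadToken,
}

/// token68 (RFC 7235 §2.1): 1*(ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/") *"="
fn is_token68(s: &str) -> bool {
    let body = s.trim_end_matches('=');
    !body.is_empty()
        && body.bytes().all(|b| b.is_ascii_alphanumeric() || b"-._~+/".contains(&b))
}

/// Takes every Authorization value received, in order, and returns the
/// token only for a single `Bearer SP token68` line.
pub fn strict_bearer<'a>(values: &[&'a str]) -> Result<&'a str, Reject> {
    let v = match values {
        [] => return Err(Reject::NotBearer),
        [one] => *one,
        _ => return Err(Reject::Duplicate), // never pick first or last
    };
    if v.starts_with('"') {
        return Err(Reject::QuotedScheme);
    }
    // Scheme is case-insensitive, so `bearer` and `Bearer` are the same scheme.
    let scheme = v.get(..6).ok_or(Reject::NotBearer)?;
    if !scheme.eq_ignore_ascii_case("bearer") {
        return Err(Reject::NotBearer);
    }
    let rest = &v[6..];
    let token = match rest.as_bytes() {
        [b' ', b' ', ..] => return Err(Reject::MultipleSpaces), // policy: exactly one SP
        [b' ', ..] => &rest[1..],
        [b'\t', ..] => return Err(Reject::NonSpSeparator),
        _ => return Err(Reject::NoSeparator),
    };
    if token.bytes().any(|b| b.is_ascii_control()) {
        return Err(Reject::ControlByte);
    }
    if token.contains(' ') {
        return Err(Reject::TrailingJunk);
    }
    if is_token68(token) { Ok(token) } else { Err(Reject::BadToken) }
}

fn main() {
    println!("{:?}", strict_bearer(&["bearer abc.def"])); // constructed sample value
}
```

Running the same check at the edge and at the origin means both hops accept and reject the same header sets.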
Trait Implementations
impl Clone for AuthHeaderVariant
fn clone(&self) -> AuthHeaderVariant
fn clone_from(&mut self, source: &Self)
impl Copy for AuthHeaderVariant
impl Debug for AuthHeaderVariant
impl Eq for AuthHeaderVariant
impl Hash for AuthHeaderVariant
impl PartialEq for AuthHeaderVariant
fn eq(&self, other: &AuthHeaderVariant) -> bool
impl StructuralPartialEq for AuthHeaderVariant
Auto Trait Implementations
impl Freeze for AuthHeaderVariant
impl RefUnwindSafe for AuthHeaderVariant
impl Send for AuthHeaderVariant
impl Sync for AuthHeaderVariant
impl Unpin for AuthHeaderVariant
impl UnsafeUnpin for AuthHeaderVariant
impl UnwindSafe for AuthHeaderVariant
Blanket Implementations
impl<T> BorrowMut<T> for T
where
    T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
impl<T> CloneToUninit for T
where
    T: Clone,
impl<Q, K> Equivalent<K> for Q
fn equivalent(&self, key: &K) -> bool