pub enum HppStrategy {
    DuplicateFirst { decoy: String },
    DuplicateLast { decoy: String },
    ArrBracket,
}
HTTP Parameter Pollution variant.

HPP exploits the gap between which value a WAF parses (almost always the first occurrence of a duplicate key) and which value the backend parses (PHP/Express/Django/Rails typically take the LAST; arrays, i.e. param[]=, preserve all). A safe-looking pair on the WAF-visible side passes WAF inspection, while the backend reads the attack payload from a duplicate.

Pre-R74 the UrlStrategy::Hpp variant was a documented stub: apply_bytes only sees one value, so it had no way to add a second pair. The architectural fix lives here, operating on the (name, value) pair list directly.

Pass 21 R74: closes pass-20 F4 / Innovation-audit F1 (LAW 1 stub).
Variants

DuplicateFirst
param=attack → param=safe&param=attack. WAFs that take the first value see safe; backends that take the last see the attack. Most common HPP form in 2024–2026 real-world bypasses.

DuplicateLast
param=attack → param=attack&param=safe. The inverse: backends that take FIRST see the attack, while WAFs that scan ALL pairs dilute their attention with a benign trailer.

ArrBracket
param=attack → param[]=attack. PHP-style array syntax. Some Spring / Django middleware re-routes param[] to the same handler that reads param, while WAF rules anchored on the literal param= miss the bracketed form.
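An added example, not part of this crate, showing the defensive counterpart of the gap the variants above rely on: a query-string fold that keeps every occurrence of a key, merges `name[]` with `name`, and reports the names on which a first-occurrence reader and a last-occurrence reader would disagree. `fold_query`, `divergent_params`, `any_value_matches` and the sample query are this example's own assumptions, and percent-decoding is left out.

```rust
use std::collections::{BTreeMap, BTreeSet};

/// Every value seen for one parameter name, in request order, together
/// with the raw spellings (`name`, `name[]`) that were folded into it.
#[derive(Debug, Default, PartialEq)]
pub struct ParamView {
    pub values: Vec<String>,
    pub spellings: BTreeSet<String>,
}

/// Fold a raw query string so that no occurrence is dropped: duplicates
/// are kept in order and `name[]` is merged with `name`. Percent-decoding
/// is deliberately omitted here; production code must decode names and
/// values before folding, otherwise an encoded name escapes the merge.
pub fn fold_query(query: &str) -> BTreeMap<String, ParamView> {
    let mut folded: BTreeMap<String, ParamView> = BTreeMap::new();
    for pair in query.split('&').filter(|p| !p.is_empty()) {
        let (raw_name, value) = pair.split_once('=').unwrap_or((pair, ""));
        let name = raw_name.strip_suffix("[]").unwrap_or(raw_name);
        let view = folded.entry(name.to_string()).or_default();
        view.values.push(value.to_string());
        view.spellings.insert(raw_name.to_string());
    }
    folded
}

/// Names whose first-occurrence and last-occurrence readings differ, or
/// that arrived under more than one spelling: exactly the cases where a
/// first-value-only inspector and a last-value backend can disagree.
pub fn divergent_params(query: &str) -> Vec<String> {
    fold_query(query)
        .into_iter()
        .filter(|(_, v)| v.values.first() != v.values.last() || v.spellings.len() > 1)
        .map(|(name, _)| name)
        .collect()
}

/// Inspection that applies `rule` to every folded value of every name,
/// rather than to the first occurrence only.
pub fn any_value_matches(query: &str, rule: impl Fn(&str) -> bool) -> bool {
    fold_query(query)
        .values()
        .flat_map(|v| v.values.iter())
        .any(|val| rule(val.as_str()))
}

fn main() {
    // Constructed sample query; "safe" and "attack" are placeholder values.
    let q = "id=safe&id=attack&tag[]=x&tag=y&ok=1";
    println!("{:?}", divergent_params(q)); // ["id", "tag"]
    println!("{}", any_value_matches(q, |v| v == "attack")); // true
}
```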
Implementations

Trait Implementations

impl Clone for HppStrategy
    fn clone(&self) -> HppStrategy
    fn clone_from(&mut self, source: &Self)

impl Debug for HppStrategy

impl Eq for HppStrategy

impl PartialEq for HppStrategy
    fn eq(&self, other: &HppStrategy) -> bool

impl StructuralPartialEq for HppStrategy

Auto Trait Implementations

impl Freeze for HppStrategy
impl RefUnwindSafe for HppStrategy
impl Send for HppStrategy
impl Sync for HppStrategy
impl Unpin for HppStrategy
impl UnsafeUnpin for HppStrategy
impl UnwindSafe for HppStrategy

Blanket Implementations

impl<T> BorrowMut<T> for T where T: ?Sized
    fn borrow_mut(&mut self) -> &mut T

impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT

impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT

impl<T> CloneToUninit for T where T: Clone

impl<Q, K> Equivalent<K> for Q
    fn equivalent(&self, key: &K) -> bool