(default) HTTP Response Splitting
Deny Rule Group – (default) HTTP Response Splitting

HRS

  • Prevents HTTP response splitting by blocking injection of an HTML response body or response header.

Included Deny Rules

Rule name
Basic
Standard
Strict
(default HPE_001a) Response header injection in parameter value
Icon - ON
(default HPE_005a) Critical response header injection in parameter value
Icon - ON
Icon - ON
(default HPE_010a) Response body injection in parameter value
Icon - ON
(default HPE_015a) Critical response body injection in parameter value
Icon - ON
Icon - ON