Go Accepts Any Mime

Description

Detects when HTTP headers are configured to accept any MIME type without proper content type validation. This could allow attackers to upload malicious files by bypassing MIME type restrictions, potentially leading to remote code execution or XSS attacks.

Weakness:

153 - Insecure or unset HTTP headers - Accept

Category: Protocol Manipulation

Detection Strategy

    Identifies calls to Header.Add methods in Go code for setting HTTP headers

    Checks if header configuration allows unrestricted MIME types through the Header.Add pattern

    Reports vulnerability when header manipulation is detected without proper MIME type validation

    Focuses on method calls matching the pattern 'word.Header.Add' in the code

Vulnerable code example

package main

import "net/http"

func makeRequest() {
    req, _ := http.NewRequest("GET", "https://api.example.com", nil)
    req.Header.Add("Accept", "*/*")  // Vulnerable: Accepts any content type, could lead to MIME confusion attacks
}

✅ Secure code example

package main

import (
    "net/http"
    "time"
)

func makeRequest() error {...
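
A separate added example, not this database's own code: a Go client that requests one specific media type and checks the response Content-Type before reading the body. The names fetchJSON, stub, wantType and errUnexpectedType, the JSON media type and the 1 MiB body cap are assumptions; stub is a constructed in-memory transport so the code runs offline.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"mime"
	"net/http"
	"net/http/httptest"
	"time"
)

const wantType = "application/json" // assumed: the one type this client handles
var errUnexpectedType = errors.New("unexpected response Content-Type")

// fetchJSON sends a specific Accept value and rejects any response whose
// Content-Type is not wantType before the body reaches a parser.
func fetchJSON(rt http.RoundTripper, url string) ([]byte, error) {
	client := &http.Client{Transport: rt, Timeout: 5 * time.Second}
	req, err := http.NewRequest(http.MethodGet, url, nil)
	if err != nil {
		return nil, err
	}
	req.Header.Set("Accept", wantType) // instead of "*/*"
	resp, err := client.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	ct := resp.Header.Get("Content-Type")
	// ParseMediaType drops parameters such as "; charset=utf-8".
	if mt, _, perr := mime.ParseMediaType(ct); perr != nil || mt != wantType {
		return nil, fmt.Errorf("%w: %q", errUnexpectedType, ct)
	}
	return io.ReadAll(io.LimitReader(resp.Body, 1<<20)) // cap body at 1 MiB
}

// stub is a constructed in-memory transport that answers with a fixed type and body.
type stub struct{ contentType, body string }
func (s stub) RoundTrip(r *http.Request) (*http.Response, error) {
	rec := httptest.NewRecorder()
	rec.Header().Set("Content-Type", s.contentType)
	io.WriteString(rec, s.body)
	return rec.Result(), nil
}

func main() {
	_, err := fetchJSON(stub{"text/html", "<p>not JSON</p>"}, "https://api.example.com")
	fmt.Println(err)
}
```

Passing nil as the transport makes the client use http.DefaultTransport for real requests.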