
Stream HTTP wrapper header check might omit basic auth header

Moderate
bukka published GHSA-hgf5-96fm-v528 Mar 13, 2025

Package

No package listed

Affected versions

< 8.1.32
< 8.2.28
< 8.3.18
< 8.4.5

Patched versions

8.1.32
8.2.28
8.3.19
8.4.5

Description

Details

Currently the header check in check_has_header does not verify \r, which can lead to misbehaviour if only \n is used in a header value. If that value is provided by the user and is not checked properly (for example a cookie value, which is not unlikely to be taken, at least partially, from user input), it could be specified as something like Cookie: x=y\nauthorization:x\r\n. If the URL has a user part in it, this can disable sending of that authorization header. That could potentially impact the result and lead to DoS or to other unexpected issues.
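The following is an added illustration, not PHP's own code: a simplified model of a check_has_header-style lookup in its weak form (a header counts if it follows any \n) beside a hardened form that only accepts a full \r\n line terminator, plus the validation a caller should apply to user-supplied header values before they reach the wrapper. The function names, the case-sensitive matching and the sample header block are assumptions made for this example.

```c
#include <stdbool.h>
#include <string.h>

/* Weak variant (simplified model, not PHP's code): a header name is taken
 * as "already supplied" when it starts the block or follows a bare '\n'.
 * A value such as "x=y\nauthorization:x" therefore makes the check report
 * an Authorization line that the sender never intended, and the wrapper
 * would skip adding Basic auth derived from the URL user part. */
static bool has_header_weak(const char *headers, const char *name)
{
    const char *s = headers;
    while ((s = strstr(s, name)) != NULL) {
        if (s == headers || s[-1] == '\n')
            return true;
        s++;
    }
    return false;
}

/* Hardened variant: a match counts only at the start of the block or
 * directly after a full "\r\n" terminator, so a bare '\n' embedded in a
 * value is no longer mistaken for a line boundary. */
static bool has_header_strict(const char *headers, const char *name)
{
    const char *s = headers;
    while ((s = strstr(s, name)) != NULL) {
        if (s == headers ||
            (s - headers >= 2 && s[-1] == '\n' && s[-2] == '\r'))
            return true;
        s++;
    }
    return false;
}

/* Caller-side check: a single header value built from user input must not
 * contain CR or LF at all; reject it before composing the header block. */
static bool header_value_is_clean(const char *value)
{
    return strpbrk(value, "\r\n") == NULL;
}
```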

Impact

Preventing the Authorization header from being sent.

There are also implications for other headers, such as user-agent and the others checked by this function. The impact there is less likely, but there could be security implications as well.

Severity

Moderate

CVE ID

CVE-2025-1736

Weaknesses

No CWEs