
HTTP Redirect Status Response Has Two Responses

Netsparker identified an unexpected redirect response body (two responses).

This generally indicates that the page did not finish the response after issuing the redirect, as it was supposed to.

Impact

This can lead to serious issues such as authentication bypass on pages that require authentication. On other pages it generally indicates a programming error.

Remedy

  1. Finish the HTTP response after you redirect the user.
  2. In ASP.NET, use Response.Redirect("redirected-page.aspx", true) instead of Response.Redirect("redirected-page.aspx", false).
  3. In PHP applications, call exit() after you redirect the user.
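
To confirm the remedy from the outside, the check below flags a redirect response that still carries page content. It is an added example, not Netsparker's detection logic and not code from this page; the function names, the 512-byte stub threshold and the sample responses are assumptions constructed for illustration, and the body is assumed to be already de-chunked.

```python
import re

# Assumption: a legitimate redirect body is at most a short "moved" stub.
STUB_MAX_BYTES = 512
REDIRECT_CODES = (301, 302, 303, 307, 308)

def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body

def redirect_leaks_body(raw):
    """True when a redirect response also carries what looks like page content."""
    status, headers, body = parse_response(raw)
    if status not in REDIRECT_CODES or "location" not in headers:
        return False
    text = body.strip()
    # A redirect stub followed by the rendered page shows up as two HTML documents.
    html_docs = len(re.findall(rb"<html\b", text, re.I))
    return len(text) > STUB_MAX_BYTES or html_docs > 1

# Constructed sample responses (not captured from a real application).
HEAD = b"HTTP/1.1 302 Found\r\nLocation: /login.aspx\r\nContent-Type: text/html\r\n\r\n"
STUB = (b'<html><head><title>Object moved</title></head><body>'
        b'<h2>Object moved to <a href="/login.aspx">here</a>.</h2></body></html>')
PAGE = (b"<html><body><h1>Account settings</h1>"
        b"<form action='/settings' method='post'>...</form></body></html>")

FIXED = HEAD + STUB            # response ended at the redirect
LEAKY = HEAD + STUB + PAGE     # handler kept running after the redirect
OK_200 = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n" + PAGE

if __name__ == "__main__":
    for name, raw in (("fixed", FIXED), ("leaky", LEAKY), ("200", OK_200)):
        print(name, redirect_leaks_body(raw))
```

Run it against responses fetched with redirect-following disabled, since most HTTP clients discard the body of a 3xx response once they follow the Location header.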

