I found a lot of questions about stackoverflow, which mentions digest authentication. I could not find how digest authentication prevents replay attacks? I use the fiddler tool to intercept an HTTP request to servers. I used the same tool to replay requests to the server, but the server asked for authentication.
I need to understand exactly how preventing re-attack is achieved. How can a server detect any replay of HTTP requests?
Any links / resources would be appreciated.
source
share