[squid-dev] I have seen this patch for Host Header forgery, I need translation.
ngtech1ltd at gmail.com
Wed Jan 6 19:49:57 UTC 2021
I know a bit about host header forgery.
However I have seen this patch and was wondering about the effect it would
have on a proxy:
The best solution is that the DNS world would be "perfected" however in the
real world there are
For example I have seen that specific domain names are generated
After a basic confirmation in the HTTP/HTTPS level the client can try to
access a set of dynamic domains.
I am still not sure what is the right approach about the current logs.
It's pretty annoying if the admin knows that it happens however if he will
disable it by "default"
There are other side effects.
Logs, yes?no?.. nut sure..
Email: ngtech1ltd at gmail.com
Zoom: Coming soon
More information about the squid-dev