[squid-dev] I have seen this patch for Host Header forgery, I need translation.

Eliezer Croitoru ngtech1ltd at gmail.com
Wed Jan 6 19:49:57 UTC 2021


Hey,

I know a bit about host header forgery.
However I have seen this patch and was wondering about the effect it would
have on a proxy:
https://github.com/NethServer/dev/issues/5348

The best solution is that the DNS world would be "perfected" however in the
real world there are
other consideration.
For example I have seen that specific domain names are generated
"on-demand",
After a basic confirmation in the HTTP/HTTPS level the client can try to
access a set of dynamic domains.

I am still not sure what is the right approach about the current logs.
It's pretty annoying if the admin knows that it happens however if he will
disable it by "default"
There are other side effects.

Logs, yes?no?.. nut sure..

Thanks,
Eliezer

----
Eliezer Croitoru
Tech Support
Mobile: +972-5-28704261
Email: ngtech1ltd at gmail.com
Zoom: Coming soon





More information about the squid-dev mailing list