I particularly like the “websites can reject unknown host header” solution as an extra form of protection against this. But we go back to the WebSocket server needing to inspect the URL and Host headers it’s given. Also:
https://news.ycombinator.com/item?id=23263983
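
The Host and URL inspection this comment describes could look like the following check, run by a WebSocket server on the HTTP upgrade request before it completes the handshake. This is an added example, not part of the original comment; the allowlist values and the names `normaliseHost` and `checkUpgrade` are hypothetical, and `req` is assumed to have the shape Node's `http` server passes to its `upgrade` event.

```javascript
// Added example. Allowlist values and function names are hypothetical.
const ALLOWED_HOSTS = new Set(["localhost:8080", "127.0.0.1:8080"]);
const ALLOWED_PATHS = new Set(["/ws"]);

// Normalise a Host header value: trim, lower-case, drop a trailing dot on the name.
function normaliseHost(value) {
  if (typeof value !== "string") return null;
  const v = value.trim().toLowerCase();
  // Accept only plain host[:port]; anything with userinfo, a path or spaces fails.
  const m = /^([a-z0-9.-]+|\[[0-9a-f:]+\])(?::(\d{1,5}))?$/.exec(v);
  if (!m) return null;
  const name = m[1].replace(/\.$/, "");
  return m[2] ? `${name}:${m[2]}` : name;
}

// Decide whether an upgrade request may proceed to the WebSocket handshake.
// req.url is the request target; req.headers has lower-cased header names.
function checkUpgrade(req) {
  const host = normaliseHost((req.headers || {}).host);
  if (host === null || !ALLOWED_HOSTS.has(host)) {
    return { ok: false, status: 400, reason: "unknown Host header" };
  }
  // Compare the path only; the query string is not part of the allowlist.
  const path = String(req.url || "").split("?")[0];
  if (!ALLOWED_PATHS.has(path)) {
    return { ok: false, status: 404, reason: "unknown path" };
  }
  return { ok: true, status: 101, reason: "accepted" };
}

// Constructed sample requests (not captured traffic).
const samples = [
  { url: "/ws?room=1", headers: { host: "localhost:8080" } },
  { url: "/ws", headers: { host: "LOCALHOST.:8080" } },
  { url: "/ws", headers: { host: "unrecognised.example:8080" } },
  { url: "/admin", headers: { host: "127.0.0.1:8080" } },
  { url: "/ws", headers: {} },
];
for (const s of samples) {
  const r = checkUpgrade(s);
  console.log(s.headers.host, s.url, "->", r.status, r.reason);
}
```

The check compares the Host value exactly as the client sent it (after normalisation), so a request that reaches the listening port under a name the server was never configured for is refused before any WebSocket frames are exchanged.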