From: Lucian Daniel Kafka <luci§>
Date: Tue, 19 Nov 2002 13:16:20 +1100
At 01:08 PM 19/11/2002 +1100, you wrote:
>That'd work fine till some scumbag figured out that putting in a header
>with random HTTP_X_FORWARDED_FOR values allowed them to create a rather
>large hole through the restrictions :-(
>In other words, the HTTP_X_FORWARDED_FOR is user-supplied data - it's not
>to be trusted.

But that's not the issue - it's like the locks on the door - really there
to keep the honest people away. It's easier to get around the lookup limits
in other ways than generating custom request headers...

Kind regards,

Lucian Kafka
Received on Fri Oct 03 2003 - 00:00:00 UTC
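
An added example, not code from this thread or from the software it discusses: one way to key lookup limits on a client address without trusting a client-supplied HTTP_X_FORWARDED_FOR. The header is read only when the direct peer is one of our own proxies, and it is walked right to left. The proxy network, the `LookupLimiter` class and all addresses are constructed assumptions.

```python
import ipaddress

# Assumption: networks of the reverse proxies we operate (constructed value).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

def _parse(addr):
    try:
        return ipaddress.ip_address(addr.strip())
    except ValueError:
        return None

def _is_trusted(ip):
    return ip is not None and any(ip in net for net in TRUSTED_PROXIES)

def client_ip(environ):
    """Return the address that lookup limits should be keyed on."""
    peer = environ.get("REMOTE_ADDR", "")
    if not _is_trusted(_parse(peer)):
        # Direct connection: the header is entirely client-controlled.
        return peer
    hops = environ.get("HTTP_X_FORWARDED_FOR", "").split(",")
    # Rightmost entries were appended by our proxies; anything to the left
    # of the first untrusted hop was supplied by the client and is ignored.
    for hop in reversed(hops):
        ip = _parse(hop)
        if ip is None:
            return peer          # malformed entry: fall back to the peer
        if not _is_trusted(ip):
            return str(ip)
    return peer

class LookupLimiter:
    """Hypothetical in-memory counter, no expiry, for illustration."""
    def __init__(self, limit):
        self.limit = limit
        self.counts = {}

    def allow(self, environ):
        key = client_ip(environ)
        self.counts[key] = self.counts.get(key, 0) + 1
        return self.counts[key] <= self.limit
```
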

