HackerTrans
TopNewTrendsCommentsPastAskShowJobs

coffeetrackpad

no profile record

comments

coffeetrackpad
·5 yıl önce·discuss
Thanks for this @albinowax_ - super interesting!

Just a quick question about the H2.CL case study. Did Netflix have a separate vulnerability where their server wrongly trusted Host headers with netflix.com suffix and returned a 302 response which can redirected users to an arbitrary host? I'm just trying to see whether I interpret the case study correctly.