Welcome! Log In Create A New Profile

Advanced

Is $http_host dangerous?

May 26, 2012 07:00PM
No one has an answer to my question, so I figured out a solution:
http://forum.nginx.org/read.php?2,226823,226849#msg-226849

I had to replace `$host` with `$http_host` to get my problem resolved...

But is this safe?

It seems like all `$http_host` is doing is to exposed the whole `HOST` from header.
The explination http://forum.nginx.org/read.php?2,213799 here is still not clear to me...


Someone has any idea why would `$http_host` be more dangerous?
Thanks.
Subject Author Posted

Is $http_host dangerous?

jwxie May 26, 2012 07:00PM

Re: Is $http_host dangerous?

Francis Daly May 27, 2012 07:24AM

Re: Is $http_host dangerous?

x7311 May 27, 2012 05:56PM

Re: Is $http_host dangerous?

x7311 May 27, 2012 06:16PM

Re: Is $http_host dangerous?

Francis Daly May 27, 2012 07:22PM

Re: Is $http_host dangerous?

Francis Daly May 27, 2012 08:30PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 71
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready