HTTP Host头攻击漏洞

请参照:https://www.cnblogs.com/zyilong/p/handel_httphost_attack.html

该漏洞仅对HTTP有效,所以另外一个方法是全站启用HTTPS。

扩展阅读:
Apache Module mod_headers:http://httpd.apache.org/docs/2.2/mod/mod_headers.html
HTTP头:https://cloud.tencent.com/developer/section/1190030

posted @ 2021-03-07 10:30  ageovb  阅读(194)  评论(0编辑  收藏  举报