Comments (3)
Would you care to PR this? Keep in mind this would break sites where authenticated users would need to visit different subdomains.
from cheatsheetseries.
Sure, can do! In that case, maybe we should also re-phrase the current text about __Host-
which IMHO is a bit unclear:
Another solution for this problem [...]
It's not completely obvious to me what "this problem" is referring to.
Additionally, I wouldn't call this as "another solution" as this sounds too much like an alternative. Especially with older clients is crucial to not see this as an alternative to existing In-Depth measures but as an extension/addition.
I'll draft something and we can iterate on that!
from cheatsheetseries.
Fixed with #1374
from cheatsheetseries.
Related Issues (20)
- Update: Abuse_Case_Cheat_Sheet.md HOT 2
- Update: [XML External Entity Prevention Cheat Sheet] HOT 2
- New CS proposal: Software Supply Chain Security HOT 3
- Update: Cross-Site_Request_Forgery_Prevention_Cheat_Sheet HOT 2
- Update: Error_Handling_Cheat_Sheet HOT 2
- Update: LDAP_Injection_Prevention_Cheat_Sheet HOT 2
- Update: CSRF Broken Markup? HOT 3
- Update: Authentication Cheat Sheet HOT 7
- bug: 404 link: docker icc canonical info is gone. HOT 3
- Update: OAuth2_Cheat_Sheet.md HOT 2
- Update: Cross-Site Request Forgery Prevention Cheat Sheet HOT 1
- Update: [XSS Filter Evasion Cheat Sheet] HOT 3
- Update: HTTP_Headers_Cheat_Sheet HOT 4
- Update: Transport_Layer_Security_Cheat_Sheet
- Update: Adding new language(s) translation(s) HOT 2
- Update: Help documentation on website HOT 2
- New CS proposal: Drone Security HOT 2
- Update: Transport Layer Security Cheat Sheet - Consider the use of Extended Validation Certificates HOT 12
- Update: LDAP Injection Prevention - LinqToLdap needs maintainance power HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cheatsheetseries.