This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet articles
This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles
Latest comment: 16 years ago1 comment1 person in discussion
TerraFrost, I noticed that you added links to articles about DNS pinning and Host header checking. I agree that there should be a mention of circumvention techniques, but I am concerned that these articles might be confusing to readers. The first article (circumventing DNS pinning) describes how to trick browsers into unpinning; this is not a flaw in pinning but rather an observation that current browsers do not fully implement pinning. A better example of a flaw in pinning is that browsers cannot enforce pinning when a proxy is being used. The second article (circumventing Host header checking) is a bit outdated, since it came several years before the Flash DNS rebinding fixes. Although it seems possible and even likely that attacks on Host header integrity may still exist, it would be best to link to a more up-to-date article on the issue, or perhaps provide some more context about when the article was written. Rulesdoc (talk) 06:10, 4 January 2008 (UTC)Reply
