security::validated_host_header (public)
security::validated_host_header
Defined in packages/acs-tcl/tcl/security-procs.tcl
- Returns:
- validated host header field or empty
- Author:
- Gustaf Neumann Protect against faked or invalid host header fields. Host header attacks can lead to web-cache poisoning and password reset attacks <for more details, see e.g. http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html>
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.