Skip to main content
4 events
when toggle format what by license comment
Jun 29, 2017 at 13:38 comment added Steffen Ullrich @iain: to cite myself: you gain not really anything new by modifying the Host header in the request since as a man in the middle you could already modify the Location header in the response anyway
Jun 29, 2017 at 12:06 comment added Josef Then you can also trick the user into installing a browser plugin that does far more evil stuff.
Jun 29, 2017 at 11:28 comment added user1880405 thanks for your insight. I am thinking that one scenario could be to trick user into somehow installing some browser plugin which might change Host header, but likelihood seems extremely low.
Jun 29, 2017 at 11:09 history answered Steffen Ullrich CC BY-SA 3.0