Walking my dog earlier, I came across the sign on the right. Having just looked at yet another middleware/HTTP header issue (the Next.js problem that became public this weekend) [1], I figured I should write something about HTTP headers. We all know HTTP headers. But it appears some do not know them well enough. Just like this sign, proxies and other middleboxes hardly ever stop unsafe behaviors.
This article has been indexed from SANS Internet Storm Center, InfoCON: green