關注
Cache-Poisoned Denial-of-Service (CPDoS) is a new class of web cache poisoning attacks aimed at disabling web resources and websites.
@poga what's the neg ttl generally set to for CDN cache servers?
@poga in any case we'd be better served by whitelisting http headers per application rather than entrusting nothing bad will happen. too many special headers that can mess with the flow of web applications and people generally turn a blind eye to it all
