Blog

Industry Insights!

Categories
- blogs
- CMS
- comedy
- domains
- email
- Excel
- Graphic Design
- html
- internet
- Inventions
- iphone
- Java
- law enforcement
- links
- linux
- Miscellaneous
- mobile
- news
- opinion
- outsourcing
- php
- politics
- Ruby on Rails
- security
- SEO
- server administration
- snippets
- Social Networking
- technology
- tutorials
- video
- viral
- vista
- web design
- Web Marketing
- web projects
August 2008

M T W T F S S

« Jul Sep »

1 2 3

4 5 6 7 8 9 10

11 12 13 14 15 16 17

18 19 20 21 22 23 24

25 26 27 28 29 30 31
Archives
Pages
- About
- FAQ

August 2008
M	T	W	T	F	S	S
« Jul		Sep »
	1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

AUG

HTTP HOST header fake

technology — mike @ 6:06 pm

Just a quick tip, if you use the HOST: header in your applications, remember, don’t use it anywhere critical to security because it can be faked by someone with the know how. I know that there is some popular blogging software out there…. that had previously used $_SERVER[’HTTP_HOST’] to include a file, if it is faked that is insecure.