How Cloudflare protects customers from cache poisoning

What's this blog post about?

On August 20, 2018, a "practical" cache poisoning attack was discovered by Cloudflare and the rest of the world. In this type of attack, a malicious user crafts an HTTP request that tricks the origin into producing a "poisoned" version of a file that has the same cache key as an innocuous request. To mitigate this vulnerability, Cloudflare has taken several steps, including notifying customers who are at risk and blocking all requests that contain obviously malicious content in an HTTP header. Additionally, Cloudflare includes only "interesting" header values in the cache key, which prevents unnecessary cache sharding.

Company
Cloudflare

Date published
Aug. 20, 2018

Author(s)
Jon Levine

Word count
891

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.