How Cloudflare protects customers from cache poisoning
On August 20, 2018, a "practical" cache poisoning attack was discovered by Cloudflare and the rest of the world. This type of attack involves a malicious user crafting an HTTP request that tricks the origin into producing a "poisoned" version of a file with the same cache key as an innocuous request. To mitigate this vulnerability, Cloudflare has taken several steps including notifying customers who are at risk and blocking all requests containing obviously malicious content in an HTTP header. Additionally, they have included "interesting" header values in the cache key to prevent unnecessary cache sharding.
Company
Cloudflare
Date published
Aug. 20, 2018
Author(s)
Jon Levine
Word count
891
Language
English
Hacker News points
None found.