by creator_lol 3192 days ago
> And just how would the client do that? Using an (easily spoofable) "Server:" header in the HTTP response?

Umm, yes?? Even a simple check would increase the complexity of a successful attack. Yes, it could be duplicated, but having a client that just dumps the credential without any verification does not sound like a good idea and is poor programming.

Including some fixed piece of text in a server response is not complex. It does not increase the security of the system.