Y
Hacker News
new
|
ask
|
show
|
jobs
by
calyhre
1397 days ago
At Slite, for all outgoing calls we use a sandboxed proxy. It has saved us a few times already. We detailed the trick in a blog post ->
https://slite-tech-blog.ghost.io/anti-ssrf-solution/
1 comments
freeqaz
1397 days ago
This is the path I've seen be fairly robust at a few tech companies I've helped sort out this defense for. I've helped write libraries too but the proxy is the easiest approach when targeting many languages.
link