Y
Hacker News
new
|
ask
|
show
|
jobs
by
15155
77 days ago
Timing attack on the preflight.
1 comments
bastawhiz
76 days ago
The DNS lookup will take an indeterminate amount of time and the cors failure is cached. You can't really effectively do a timing attack, especially if the client and the real server take a random time to respond. You get exactly one sample.
link
15155
76 days ago
detect-ccd.creativecloud.adobe.com returns NXDOMAIN. Why can't you request a different resource to get more than one attempt?
link