|
|
|
|
|
|
by bodyfour
4288 days ago
|
|
|
CGI will typically pass most any header along as a HTTP_headername environment variable (HTTP_HOST is just one example) I'd expect most malicious exploiters to use a non-standard header, since User-Agent's value is often logged. |
|
|