Simon Willison's Weblog: dnsrebindinghttp://simonwillison.net/2007-08-02T12:53:59+00:00Simon Willison(somewhat) breaking the same-origin policy by undermining dns-pinning2007-08-02T12:53:59+00:002007-08-02T12:53:59+00:00https://simonwillison.net/2007/Aug/2/shampoo/#atom-tag
<p><strong><a href="http://shampoo.antville.org/stories/1451301/">(somewhat) breaking the same-origin policy by undermining dns-pinning</a></strong></p>
This is the best technical explanation of the DNS rebinding attack I’ve seen. The linked demo worked for me in Safari but not in Camino.
<p>Tags: <a href="https://simonwillison.net/tags/camino">camino</a>, <a href="https://simonwillison.net/tags/dnsrebinding">dnsrebinding</a>, <a href="https://simonwillison.net/tags/safari">safari</a>, <a href="https://simonwillison.net/tags/samedomain">samedomain</a>, <a href="https://simonwillison.net/tags/security">security</a></p>
Your browser is a tcp/ip relay2007-08-02T12:53:11+00:002007-08-02T12:53:11+00:00https://simonwillison.net/2007/Aug/2/relay/#atom-tag
<p><strong><a href="http://radar.oreilly.com/archives/2007/08/your_web_browse.html">Your browser is a tcp/ip relay</a></strong></p>
Thoroughly nasty new(ish) attack that breaks the same-domain policy and allows intranet content to be stolen by a malicious site. Using virtual hosts (hence requiring the Host: header) is the best known protection.
<p>Tags: <a href="https://simonwillison.net/tags/arturbergman">arturbergman</a>, <a href="https://simonwillison.net/tags/dnsrebinding">dnsrebinding</a>, <a href="https://simonwillison.net/tags/samedomain">samedomain</a>, <a href="https://simonwillison.net/tags/security">security</a></p>