Bypassing Web Cache Poisoning Countermeasures
https://portswigger.net/blog/bypassing-web-cache-poisoning-countermeasures [portswigger.net]
2018-10-06 02:48
Following my presentation and whitepaper on Web Cache Poisoning last month, various companies have deployed defences in an attempt to mitigate cache poisoning attacks. In this post I’ll take a look at some common weaknesses that can be used to bypass them.
Ultimately, patching web cache poisoning on an ad-hoc basis can be tricky and the authors of web frameworks are the best placed people to resolve the most common types.
source: grugq