- From: Frederik Deweerdt <fdeweerdt@fastly.com>
- Date: Mon, 2 Jul 2018 11:06:57 -0700
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>, sludin@akamai.com, nick@cloudflare.com
On Mon, Jul 2, 2018 at 12:03 AM Mark Nottingham <mnot@mnot.net> wrote: > > (Co-author hat on) > > For interest / discussion. This is a proposal for a minimal mechanism to avoid loop attacks and misconfigurations against CDNs. Feedback appreciated. > I like the fact that this essentially is just a requirement to make the request slightly bigger every time it goes through a host, and ends up relying on the fact that some implementation defined limit (individual header size or total header size) will eventually be hit, which means that it doesn't have to specify how loops need to be enforced. Frederik
Received on Monday, 2 July 2018 18:07:30 UTC