Monday, December 22, 2014

Re: malicious requests?

Alex,

The trailing period could be from online promotional materials for your site. Someone may have written your URL with the trailing period inside the URL by mistake when the promotional materials were created. It may not be an attack vector from a malicious hacker, but instead, valid users just clicking on a link that contains a URL for your site with the trailing period.

Mark

On Mon, Dec 22, 2014 at 4:43 AM, Alex Haylock <ageo+django@mykolab.com> wrote:
Are there any known attack vectors that involve appending a period/
full-stop to a sites domain name?

My Django application throws a handful of errors in production every day:

ERROR: Invalid HTTP_HOST header: 'www.example.com.'. You may need to add
u'www.example.com.' to ALLOWED_HOSTS.

(note the trailing period)

Is this malicious behaviour, or just users mistyping the URL?

Also, browsers are clearly treating the final '.' as part of the path
(as these requests are reaching my application), but Django is treating
the '.' as part of the hostname. Which is right?

--
Regards,


Alex

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/549803CE.7060208%40mykolab.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAEqej2P1%3DvY_E97id-jVRAqrkHAV0Qx0kE9U6OPO82OAMq1Vzw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)