
Password Reset and Web-Cache Poisoning (and a Little Surprise in RFC-2616) - d0bby
https://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html
======
d0bby
"How does a deployable web-application know where it is? Creating a
trustworthy absolute URI is trickier than it sounds. Developers often resort
to the exceedingly untrustworthy HTTP Host header (_SERVER["HTTP_HOST"] in
PHP)"...
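
An added example (not from the linked article or the poster) of the pattern the quote describes: a password-reset link built from the request's Host header, next to a version that takes the origin from configuration and rejects unexpected Host values. The origin, host names, `/reset` path and function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: the deployment's canonical origin comes from configuration,
// never from the request. The value here is a constructed placeholder.
const CANONICAL_ORIGIN = 'https://app.example.test';
// Assumption: host names this deployment legitimately answers to.
const ALLOWED_HOSTS = ['app.example.test', 'www.app.example.test'];

// Pattern the quote warns about: the link follows whatever Host the client sent.
function resetLinkFromHostHeader(array $server, string $token): string
{
    return 'https://' . ($server['HTTP_HOST'] ?? '') . '/reset?token=' . rawurlencode($token);
}

// Hardened form: the origin is fixed by configuration, not by the request.
function resetLinkFromConfig(string $token): string
{
    return CANONICAL_ORIGIN . '/reset?token=' . rawurlencode($token);
}

// Defence in depth: refuse requests whose Host is not on the allowlist,
// so nothing downstream (templates, caches) sees an unexpected value.
function hostIsAllowed(array $server): bool
{
    $host = strtolower((string)($server['HTTP_HOST'] ?? ''));
    $host = preg_replace('/:\d+$/', '', $host);   // drop an optional port
    return in_array($host, ALLOWED_HOSTS, true);
}

// Constructed sample requests (not taken from the article).
$requests = [
    ['HTTP_HOST' => 'app.example.test'],
    ['HTTP_HOST' => 'APP.example.test:443'],
    ['HTTP_HOST' => 'unexpected.example.net'],
    [],                                           // Host header absent
];
$token = bin2hex(random_bytes(16));
foreach ($requests as $server) {
    $shown = $server['HTTP_HOST'] ?? '(none)';
    if (!hostIsAllowed($server)) {
        printf("%-24s rejected; header-built link would be %s\n",
            $shown, resetLinkFromHostHeader($server, $token));
        continue;
    }
    printf("%-24s accepted; link sent: %s\n", $shown, resetLinkFromConfig($token));
}
```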

