

Server-side browsing considered harmful [pdf] - liotier
http://www.agarri.fr/docs/AppSecEU15-Server_side_browsing_considered_harmful.pdf

======
vezzy-fnord
This is an interesting tour of real-world SSRF (Server-Side Request Forgery),
an overlooked class of web application vulnerability as described here:
[https://cwe.mitre.org/data/definitions/918.html](https://cwe.mitre.org/data/definitions/918.html)

------
shangxiao
It's funny reading this after the article about banning PowerPoint[1] and
being instantly reminded of why it should be banned.

[1]
[https://news.ycombinator.com/item?id=9606345](https://news.ycombinator.com/item?id=9606345)

~~~
stephengillie
But this is a PDF, not a PowerPoint deck. So it would seem to "prefute" (pre-
refute) the point.

And your post makes the counterpoint: The problem is with the 'lack of design
training that runs rampant in humanity', not with the presentation tool.

~~~
hyperpape
It looks like a per generated from a PowerPoint deck to me.

