Hi Martin,
Thank you very much, we'll go that route!
Jonathan Babie
Java Applications Developer
Work: (838) 910-4274
From: Martin Grigorov
Sent: Tuesday, November 8, 2022 3:18 AM
To: users@wicket.apache.org
Subject: Re: Host Header Injection Solutio
Hi Jonathan,
On Tue, Nov 8, 2022 at 4:39 AM Jonathan P. Babie
wrote:
> Hello,
>
> Our Wicket web application went through an app scan. We understand most
> problems that came back from the report and have solutions, but one that's
> troubling us is:
>
>
> I've omitted our URLs, but essentially
ty: max-age=31536000; preload
Jonathan Babie
Java Applications Developer
Work: (838) 910-4274
From: Jonathan P. Babie
Sent: Monday, November 7, 2022 9:38 PM
To: users@wicket.apache.org
Subject: Host Header Injection Solution
Hello,
Our Wicket web application went
Hello,
Our Wicket web application went through an app scan. We understand most
problems that came back from the report and have solutions, but one that's
troubling us is:
[cid:f744744c-2d7a-4cd8-9179-ef02d9dc6ea4]
I've omitted our URLs, but essentially it seems they were able to manipulate
th