On Jan 28, 2013 4:10 PM, "Eliezer Croitoru" <[email protected]> wrote:
> The main issue in this case is that metalinks rely on hashes to verify the download content, while the store-id feature actually works only on a URL.
> The above can open a very deep security hole for cache poisoning.
> Implementing a same-origin\same-domain policy is not an option since the url object in the metalinks files can be from different domains\ip and subdirectories.
> A same filename policy also doesn't apply since a simple script\rewriting can fake it.

If the proxy computes the hash itself, from the content, does that solve the cache poisoning vulnerability?

--
You received this message because you are subscribed to the Google Groups "Metalink Discussion" group.
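
An added sketch of the check the reply asks about (not code from this thread, from Squid or from any Metalink implementation): a toy cache that lets a URL share a stored object only after the proxy has fetched that URL and hashed the body itself. The class and method names, the example URLs and the choice of SHA-256 are assumptions; the declared hash is treated as untrusted input from a metalink file.

```python
import hashlib

class VerifyingCache:
    """Toy cache (hypothetical): URLs share one entry only after the proxy
    has hashed the fetched body itself and it matches the declared hash."""

    def __init__(self):
        self.by_url = {}     # url -> body, entries never shared across URLs
        self.by_digest = {}  # sha256 hex -> body, shared entries
        self.alias = {}      # url -> sha256 hex, set only after verification

    def store(self, url, body, declared_sha256=None):
        """Admit a fetched response; declared_sha256 is what a metalink
        file listed for this URL and is not trusted on its own."""
        actual = hashlib.sha256(body).hexdigest()  # computed from content
        if declared_sha256 is not None and actual == declared_sha256.lower():
            self.by_digest.setdefault(actual, body)
            self.alias[url] = actual
            self.by_url.pop(url, None)
            return "shared"
        # No declared hash, or a mismatch: keep it under its own URL only,
        # so it can never be served for a different URL.
        self.alias.pop(url, None)
        self.by_url[url] = body
        return "private"

    def lookup(self, url):
        digest = self.alias.get(url)
        if digest is not None:
            return self.by_digest[digest]
        return self.by_url.get(url)

def demo():
    # Constructed sample content and URLs, for illustration only.
    good = b"release-1.0 tarball bytes"
    evil = b"tampered bytes"
    declared = hashlib.sha256(good).hexdigest()
    cache = VerifyingCache()
    r1 = cache.store("http://mirror-a.example/pkg.tar.gz", good, declared)
    r2 = cache.store("http://mirror-b.example/pkg.tar.gz", evil, declared)
    return cache, good, evil, r1, r2

if __name__ == "__main__":
    cache, good, evil, r1, r2 = demo()
    print(r1, r2, cache.lookup("http://mirror-a.example/pkg.tar.gz") == good)
```

In this sketch a URL that has never been fetched is always a miss, so the hash check only deduplicates bodies the proxy has already seen; it does not let the proxy answer for an unseen mirror URL.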
