Check Host header in other endpoints (GENA)
Host verification has been implemented in SOAP endpoints (DNS rebinding protection). However, this is not enabled on GENA endpoints: it is possible to issue SUBSCRIBE and UNSUBSCRIBE GENA requests through DNS rebinding. The impact is probably minor compared to the SOAP endpoints but someone might be able to exploit this. I'd argue it would be better to add the DNS-rebinding protection for these endpoints as well.
See #24 (closed)
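
One way to express the Host check requested above for SUBSCRIBE and UNSUBSCRIBE, as an added example that is not the project's own code: a request is accepted only when its Host header is an IP literal matching an address and port the server listens on, which a request arriving through DNS rebinding (carrying a domain name in Host) does not satisfy. The function names, listen addresses, port and sample requests are assumptions constructed for illustration.

```python
import ipaddress

LISTEN_ADDRS = ["192.168.1.10", "fd00::10"]  # constructed: addresses the server is bound to
LISTEN_PORT = 49152                          # constructed: eventing port


def parse_host_header(value):
    """Return (ip_address, port) for an IP-literal Host header, else None."""
    value = value.strip()
    if value.startswith("["):                # bracketed IPv6 form: [addr]:port
        end = value.find("]")
        if end == -1:
            return None
        host, rest = value[1:end], value[end + 1:]
        if rest and not rest.startswith(":"):
            return None
        port = rest[1:]
    else:
        host, _, port = value.partition(":")
    if port and not (port.isascii() and port.isdigit() and 0 < int(port) < 65536):
        return None
    try:
        addr = ipaddress.ip_address(host)    # a DNS name fails here
    except ValueError:
        return None
    return addr, (int(port) if port else 80)  # no port means the HTTP default


def host_allowed(headers, listen_addrs=LISTEN_ADDRS, listen_port=LISTEN_PORT):
    """Host check to run before handling a SUBSCRIBE or UNSUBSCRIBE request."""
    hosts = [v for k, v in headers if k.lower() == "host"]
    if len(hosts) != 1:                      # missing or duplicated Host header
        return False
    parsed = parse_host_header(hosts[0])
    if parsed is None:
        return False
    addr, port = parsed
    allowed = {ipaddress.ip_address(a) for a in listen_addrs}
    return addr in allowed and port == listen_port


# Constructed sample requests: (method, headers)
SAMPLES = [
    ("SUBSCRIBE", [("HOST", "192.168.1.10:49152")]),    # direct LAN client
    ("SUBSCRIBE", [("Host", "rebind.example:49152")]),  # name in Host: rebinding
    ("UNSUBSCRIBE", [("Host", "[fd00::10]:49152")]),    # IPv6 literal
    ("UNSUBSCRIBE", [("Host", "192.168.1.10:8080")]),   # wrong port
    ("SUBSCRIBE", []),                                  # no Host header
]

if __name__ == "__main__":
    for method, headers in SAMPLES:
        print(method, headers, "->", "accept" if host_allowed(headers) else "reject")
```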