Closed afedukov closed 2 months ago
ahinkle
commented
2 months ago Have you ever encountered a situation where the entire domain (e.g., links, images) are swapped with a different domain on a specific page? I encountered this today. All other pages are fine.
JosephSilber
commented
2 months ago Do you have any other entry into your app, by a different domain?
Whatever is rendered the first time the page is encountered, that's what gets cached to disk.
JosephSilber
commented
2 months ago Laravel's url helper (and friends) generally use the APP_URL variable in your env to build URLs. If some pages are accessed with that env variable being something, then that's what will be cached for future requests.
ahinkle
commented
2 months ago Yeah, do you have any security recommendations that we could have missed?
We have an L11 app that is very minimal up on Forge. The client can be considered a possible high target. We found that the public/page-cache/index.html file was deliberately modified in logs to a different URL. I understand that the scope can be outside of this package here, but I just want to ensure we didn't miss any security recommendations since it's in the /public/ realm.
JosephSilber
commented
2 months ago It's impossible to know from the outside.
Does the URL in there mean anything to you?
Strange issue: sometimes, on my cached pages ALL links are replaced with some random string or domain, that of course breaks the website. Anyone experienced that behavior?