krakenjs / lusca

Application security for express apps.

DNS Rebinding protection #131

Open brannondorsey opened 5 years ago

brannondorsey commented 5 years ago

Hi, I'm an independent security researcher and author of host-validation, an NPM module for protecting Express.js servers from DNS rebinding attacks via host header validation. I've done a fair amount of research on the subject and I think DNS rebinding protection through header validation would be a perfect addition to lusca. I'm happy to spearhead this effort if there is interest. I'm willing to write a PR with updates to the lib, tests, and documentation, pending discussion.
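The Host header check proposed in this issue, sketched as an added example (not part of the original post, and not the API of lusca or host-validation): a rebinding request still carries the attacker-registered domain name in `Host`, so a server that answers only to an explicit list of its own names rejects it. The function names and allowlist values are hypothetical, and the middleware assumes the Express-style `(req, res, next)` signature with Node's lowercased `req.headers`.

```javascript
// Added example: Express-compatible (req, res, next) middleware.
// Not lusca's or host-validation's API; all names here are hypothetical.

// Parse "host[:port]" into { hostname, port }; null when missing or malformed.
function parseHost(value) {
  if (typeof value !== 'string' || value.length === 0 || value.length > 255) return null;
  // reg-name / IPv4, or a bracketed IPv6 literal, with an optional port
  const m = /^(\[[0-9a-f:.]+\]|[a-z0-9.-]+)(?::(\d{1,5}))?$/i.exec(value);
  if (!m) return null;
  const hostname = m[1].toLowerCase().replace(/\.$/, ''); // ignore trailing root dot
  return { hostname, port: m[2] === undefined ? null : Number(m[2]) };
}

// allowed: exact names the server is meant to answer to, e.g. "localhost:3000".
// An entry without a port matches that hostname on any port.
function hostAllowlist(allowed) {
  const rules = allowed.map((entry) => {
    const rule = parseHost(entry);
    if (!rule) throw new TypeError('invalid allowlist entry: ' + entry);
    return rule;
  });
  return function validateHost(req, res, next) {
    const got = parseHost(req.headers.host);
    const ok = got !== null && rules.some(
      (r) => r.hostname === got.hostname && (r.port === null || r.port === got.port)
    );
    if (ok) return next();
    // Fail closed: missing, malformed and unlisted Host values all get 403.
    res.statusCode = 403;
    res.end('Forbidden');
  };
}

// Constructed harness: run the middleware against one Host value, return the status.
function statusFor(middleware, host) {
  const req = { headers: host === undefined ? {} : { host } };
  const res = { statusCode: 200, end() {} };
  middleware(req, res, () => {});
  return res.statusCode;
}

// Constructed allowlist and sample Host values.
const guard = hostAllowlist(['localhost:3000', '127.0.0.1:3000', 'app.example.com']);
console.log(statusFor(guard, 'localhost:3000'));          // listed name and port
console.log(statusFor(guard, 'rebind.example.net:3000')); // unlisted name
```

In an Express app the middleware would be registered with `app.use(...)` ahead of every route, so the check runs before any handler sees the request.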