[CKAN-Security] Your CDN cache seems to be polluted

Masaki Hidano masagon at info-lounge.jp
Tue Sep 3 10:13:43 UTC 2019


Hello CKAN admin

When I access https://ckan.org/ from Japan with Accept-Language set to ja,
it redirects to an unrelated shopping web site.

I think the CDN cache in Japan (5106e1631fd72e1f-NRT) is polluted.

<Good: Accept-Language=en>
$ curl -s -D - -o /dev/null https://ckan.org  -H 'Accept-Language: en'
HTTP/2 200
date: Tue, 03 Sep 2019 10:01:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7dac7acfc07186503a33d6db696a10911567504865; expires=Wed, 02-Sep-20 10:01:05 GMT; path=/; domain=.ckan.org; HttpOnly; Secure
link: <https://wp.me/P7GnYI-mo>; rel=shortlink
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5106e1631fd72e1f-NRT

<Bad: Accept-Language=ja>
$ curl -s -D - -o /dev/null https://ckan.org  -H 'Accept-Language: ja'
HTTP/2 302
date: Tue, 03 Sep 2019 10:01:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da5370a7f633472a2f59a6457ab98675d1567504896; expires=Wed, 02-Sep-20 10:01:36 GMT; path=/; domain=.ckan.org; HttpOnly; Secure
location: http://www.vog79.com/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5106e221ada3d641-NRT


-- 
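Note: We became a corporation (kabushiki kaisha) as of September 1, 2018.
***********************************
Info Lounge Inc. (インフォ・ラウンジ株式会社) http://info-lounge.jp/
Center Stage Building 2F, 47-7 Chigasaki-Chuo, Tsuzuki-ku, Yokohama 224-0032, Japan
TEL: 045-482-4361 FAX: 045-345-0703

President and Representative Director Masaki Hidano masagon at info-lounge.jp (090-2620-2379)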
***********************************
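
The comparison in the message above, extended to several Accept-Language values, as an added example that is not part of the original post: it parses header dumps in the shape `curl -s -D - -o /dev/null` prints and reports every language whose response redirects off-site, together with the edge location code from cf-ray. The host names, ray IDs and sample dumps are constructed placeholders, and the function names are hypothetical.

```python
from urllib.parse import urljoin, urlsplit

# Constructed header dumps (placeholders, not captured from any real site).
SAMPLE_DUMPS = {
    "en": "HTTP/2 200\r\ncontent-type: text/html; charset=UTF-8\r\n"
          "server: cloudflare\r\ncf-ray: 0000000000000001-NRT\r\n\r\n",
    "ja": "HTTP/2 302\r\nlocation: http://shop.example.net/\r\n"
          "server: cloudflare\r\ncf-ray: 0000000000000002-NRT\r\n\r\n",
    "de": "HTTP/2 301\r\nlocation: /de/\r\n"
          "server: cloudflare\r\ncf-ray: 0000000000000003-FRA\r\n\r\n",
    "fr": "HTTP/2 302\r\nlocation: https://www.example.org/fr/\r\n"
          "server: cloudflare\r\ncf-ray: 0000000000000004-CDG\r\n\r\n",
}

def parse_dump(dump):
    """Parse the first response block of a header dump into (status, headers)."""
    lines = dump.strip().splitlines()
    status = int(lines[0].split()[1])          # "HTTP/2 302" -> 302
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break                              # blank line ends the block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers

def is_same_site(host, site):
    """True only for the site itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == site or host.endswith("." + site)

def audit(site, dumps):
    """Return one finding per Accept-Language value that is redirected off-site."""
    findings = []
    for lang, dump in sorted(dumps.items()):
        status, headers = parse_dump(dump)
        location = headers.get("location")
        if not (300 <= status < 400 and location):
            continue
        # Resolve relative Location values against the site before comparing.
        target = urlsplit(urljoin(f"https://{site}/", location)).hostname
        if not is_same_site(target, site):
            # cf-ray ends with the code of the edge location that answered.
            edge = headers.get("cf-ray", "").rpartition("-")[2] or "unknown"
            findings.append({"lang": lang, "status": status,
                             "target": target, "edge": edge})
    return findings

if __name__ == "__main__":
    for f in audit("example.org", SAMPLE_DUMPS):
        print(f"Accept-Language {f['lang']}: {f['status']} -> {f['target']} (edge {f['edge']})")
```
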
