[CKAN-Security] Your CDN cache seem to be polluted

Adrià Mercader adria.mercader at okfn.org
Tue Sep 3 10:39:57 UTC 2019


Dear Masaki Hidano,

Thanks very much for your report. We have just been recently dealing with
this problem on the hosting side. We've purged the CDN cache and ask for a
Google reindex but it might take a while to propagate.
Can you confirm if you are still getting malicious results on your end?

Many thanks and apologies

Adrià

On Tue, 3 Sep 2019 at 12:31, Masaki Hidano <masagon at info-lounge.jp> wrote:

> Hello CKAN admin
>
> When I access to https://ckan.org/ in Japan with Accept-Language is ja,
> it's redirect to unrelated shopping web site.
>
> I think CDN cache in Japan (5106e1631fd72e1f-NRT) is polluted.
>
> <Good: Accept-Language=en>
> $ curl -s -D - -o /dev/null https://ckan.org  -H 'Accept-Language: en'
> *HTTP/2 200*
> date: Tue, 03 Sep 2019 10:01:08 GMT
> content-type: text/html; charset=UTF-8
> set-cookie: __cfduid=d7dac7acfc07186503a33d6db696a10911567504865;
> expires=Wed, 02-Sep-20 10:01:05 GMT; path=/; domain=.ckan.org; HttpOnly;
> Secure
> link: <https://wp.me/P7GnYI-mo>; rel=shortlink
> expect-ct: max-age=604800, report-uri="
> https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
> server: cloudflare
> cf-ray: 5106e1631fd72e1f-NRT
>
> <Bad: Accept-Language=ja>
> $ curl -s -D - -o /dev/null https://ckan.org  -H 'Accept-Language: ja'
> *HTTP/2 302*
> date: Tue, 03 Sep 2019 10:01:37 GMT
> content-type: text/html; charset=UTF-8
> set-cookie: __cfduid=da5370a7f633472a2f59a6457ab98675d1567504896;
> expires=Wed, 02-Sep-20 10:01:36 GMT; path=/; domain=.ckan.org; HttpOnly;
> Secure
> *location: http://www.vog79.com/ <http://www.vog79.com/>*
> expect-ct: max-age=604800, report-uri="
> https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
> server: cloudflare
> cf-ray: 5106e221ada3d641-NRT
>
>
> --
> ※2018年9月1日より株式会社になりました。
> ***********************************
> インフォ・ラウンジ株式会社 http://info-lounge.jp/
> 〒224-0032 横浜市都筑区茅ケ崎中央47-7 センターステージビル2F
> TEL: 045-482-4361 FAX: 045-345-0703
>
> 代表取締役社長 肥田野 正輝 masagon at info-lounge.jp (090-2620-2379)
> ***********************************
>
> --
> You received this message because you are subscribed to the Google Groups
> "CKAN Security" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to security+unsubscribe at ckan.org.
> _______________________________________________
> CKAN security
> https://lists.okfn.org/mailman/listinfo/security
> https://lists.okfn.org/mailman/options/security/adria.mercader%40okfn.org
>
> Repo: https://github.com/ckan/ckan-security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190903/98e221d5/attachment-0001.html>


More information about the Security mailing list