Last active: March 2, 2020 01:11
Blocking HTML5 Ping Requests using ColdFusion
<!--- 20190627
Block/Track Ping HTTP Requests using ColdFusion
GIST: https://gist.github.com/JamoCA/916dbb2d0ca0fe30ca63120bcaccc20f
BLOG: https://dev.to/gamesover/blocking-html5-ping-requests-using-coldfusion-4ei8

If you are not expecting or do not need to receive hyperlink-audit ("ping") requests on your web
server, block any request that carries a "Ping-To" and/or "Ping-From" HTTP header at the edge
(firewall, WAF, etc.). Browsers send these pings as POST requests with "Content-Type: text/ping".
"Ping-To" is always present, but "Ping-From" is omitted for cross-origin pings sent from HTTPS pages,
so match on "Ping-To" (or on the content type) rather than on "Ping-From" alone. If you can't block
at the edge, you can still detect the request in ColdFusion and abort before wasting any resources
processing it further.

More info:
https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/
https://www.imperva.com/blog/the-ping-is-the-thing-popular-html5-feature-used-to-trick-chinese-mobile-users-into-joining-latest-ddos-attack/
https://hub.packtpub.com/chrome-safari-opera-and-edge-to-make-hyperlink-auditing-compulsorily-enabled/

NOTE: It appears Brave, Dissenter & Firefox offer the ability to disable "ping" tracking. Chrome has removed the ability to disable it.
--->
<!--- Passing false returns the headers without reading the request body (ColdFusion 2016 and later); a ping's body is never needed. --->
<cfset Headers = GetHttpRequestData(false).headers>
<!--- Struct key lookups and "is" are case-insensitive, so header-name and value casing do not matter.
      The media type is taken from the first ";"-delimited list element so a charset parameter cannot defeat the match. --->
<cfif (StructKeyExists(Headers, "Content-Type") and Trim(ListFirst(Headers["Content-Type"], ";")) is "text/ping")
      or StructKeyExists(Headers, "Ping-To")>
    <!--- Optional: log Headers["Ping-To"] and, when present, Headers["Ping-From"] before aborting. --->
    <cfheader statuscode="204" statustext="No Content">
    <cfabort>
</cfif>
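The same decision (recognise a hyperlink-audit ping, answer 204, and stop before the application runs) as reusable server-side middleware, written here as an added example that is not the gist's code: a Python WSGI wrapper for stacks where the ColdFusion tags above do not apply. The class and function names (PingBlocker, is_ping_request, make_environ, call, demo) and the four sample requests are constructed for illustration; the two ping samples follow the header set browsers send (Content-Type: text/ping with Ping-To, and Ping-From absent on a cross-origin ping from an HTTPS page).

```python
"""WSGI middleware that short-circuits HTML5 hyperlink-audit ("ping") requests.

Added example, not code from the gist: it applies the same decision as the
ColdFusion block above (answer 204 and stop) inside a Python WSGI stack, so
the wrapped application never runs for a ping. Names are illustrative and the
sample requests in demo() are constructed, not captured traffic.
"""
from wsgiref.util import setup_testing_defaults

PING_CONTENT_TYPE = "text/ping"


def is_ping_request(environ):
    """True if the WSGI request looks like a browser hyperlink-audit ping.

    Browsers send pings as POST with Content-Type: text/ping and a Ping-To
    header. Ping-From is omitted for cross-origin pings from HTTPS pages,
    so it is only a secondary signal here.
    """
    media_type = environ.get("CONTENT_TYPE", "").split(";", 1)[0].strip().lower()
    if media_type == PING_CONTENT_TYPE:
        return True
    # WSGI exposes request headers as HTTP_<NAME> with '-' replaced by '_'.
    return "HTTP_PING_TO" in environ or "HTTP_PING_FROM" in environ


class PingBlocker:
    """Answer pings with 204 No Content and never call the wrapped app."""

    def __init__(self, app, audit_log):
        self.app = app
        self.audit_log = audit_log  # a plain list here; a real logger in production

    def __call__(self, environ, start_response):
        if is_ping_request(environ):
            self.audit_log.append({
                "remote": environ.get("REMOTE_ADDR"),
                "ping_from": environ.get("HTTP_PING_FROM"),  # None when omitted
                "ping_to": environ.get("HTTP_PING_TO"),
            })
            start_response("204 No Content", [])
            return []
        return self.app(environ, start_response)


def expensive_app(environ, start_response):
    """Stand-in for the real application that pings must never reach."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"page rendered"]


def make_environ(method="GET", headers=None, content_type=None, remote="203.0.113.7"):
    """Build a WSGI environ for a constructed request (test data, not captured)."""
    environ = {"REQUEST_METHOD": method, "REMOTE_ADDR": remote}
    setup_testing_defaults(environ)
    if content_type is not None:
        environ["CONTENT_TYPE"] = content_type
    for name, value in (headers or {}).items():
        environ["HTTP_" + name.upper().replace("-", "_")] = value
    return environ


def call(app, environ):
    """Invoke a WSGI app in-process and return (status line, body bytes)."""
    captured = {}

    def start_response(status, response_headers, exc_info=None):
        captured["status"] = status

    body = b"".join(app(environ, start_response))
    return captured["status"], body


def demo():
    """Run four constructed requests through the middleware; returns (results, audit log)."""
    audit_log = []
    app = PingBlocker(expensive_app, audit_log)
    requests = {
        # Same-origin ping: both Ping-* headers present.
        "same_origin_ping": make_environ(
            "POST",
            {"Ping-To": "https://example.org/landing", "Ping-From": "https://shop.example/catalog"},
            "text/ping",
        ),
        # Cross-origin ping from an HTTPS page: browser omits Ping-From.
        "cross_origin_ping": make_environ("POST", {"Ping-To": "https://example.org/landing"}, "text/ping"),
        # Ordinary form submission and page view: must reach the application.
        "form_post": make_environ("POST", {}, "application/x-www-form-urlencoded"),
        "page_get": make_environ("GET"),
    }
    results = {name: call(app, env) for name, env in requests.items()}
    return results, audit_log


if __name__ == "__main__":
    results, audit_log = demo()
    for name, (status, body) in results.items():
        print(f"{name:18s} {status:15s} {body!r}")
    print("logged pings:", audit_log)
```

Because the check runs on headers only and returns before the wrapped app is called, a flood of pings costs the server no more than header parsing, which is the same "abort before wasting resources" property the ColdFusion snippet relies on. Matching on Ping-To rather than Ping-From is what keeps the cross-origin case from slipping through.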