TTT*_*TTT 0 c# asp.net iis dns
I have a rest application sitting on an IIS server (on the public internet) with a configuration as follows:
(The entry isn't in the public dns simply because it doesn't have to be. This isn't merely security by obscuring host headers.)
In order to get my client to connect to the application, I simply add an entry in my hosts file:
A.B.C.D something-not-public-dns.example.com
With the hosts file entry everything works great.
The problem is one of my clients is sitting inside of an ASP.NET web application, and I cannot modify the hosts file for the web server the application resides on.
Thus my question- is it possible to spoof a hosts file entry inside of a web application?
I was thinking of something like this:
string url = "something-not-public.example.com/myservice/mymethod";
var client = new WebClient();
client.Headers[HttpRequestHeader.ContentType] = "application/json";
// Set the destination IP for this request here!
string json = new System.Web.Script.Serialization.JavaScriptSerializer().Serialize(MyObject);
string response = client.UploadString(url, json);
I would consider the above example request level spoofing, which would be great, but I'm also curious to know if application level spoofing could be done as well. This way the application could set up the host entries and all requests made from within that application would use them.
您正在以错误的方式解决这个问题 - 而不是尝试设置从域名到 IP 地址的映射,您应该简单地向 IP 发出请求,并使用您的域名显式覆盖 HTTP 请求的 Host 标头想使用:
string url = "A.B.C.D/myservice/mymethod";
var client = new WebClient();
client.Headers[HttpRequestHeader.ContentType] = "application/json";
client.Headers[HttpRequestHeader.Host] = "something-not-public.example.com";
| 归档时间: |
|
| 查看次数: |
827 次 |
| 最近记录: |