🗃 CacheServ — Cache Demo

🦹 Attacker — prime the cache

Send GET /home with X-Forwarded-Host header set to attacker-controlled value.

URL X-Forwarded-Host

Response:(idle)

😇 Victim — normal request

Send GET /home with no X-Forwarded-Host header.

Response:(idle)

Server cache state

(empty)