[security bug] www subdomain is accepted
Closed this issue · 6 comments
6km commented
I tried to set the subdomain to www
to check if there's a bug with it, and it accepted it.
Now the main page https://www.tsafi.xyz/ redirects to my site.
Sorry for that, I really didn't mean to do it. Please fix this bug ASAP.
michaelshimeles commented
I just pushed a fix, thanks for pointing this out
6km commented
I just pushed a fix, thanks for pointing this out
Thanks for fixing that! I was stuck on the home page.
6km commented
@michaelshimeles I tried again and it still accepts it. By the way, I guess staging.tsafi.xyz should not be allowed too.
michaelshimeles commented
pushing a fix
michaelshimeles commented
try testing it out now @6km
6km commented
Thanks @michaelshimeles! I tested it out and it has been fixed! 🚀