Yeah, that was my point, default deny vs default allow. If you can default deny,... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		oblio 9 months ago \| parent \| context \| favorite \| on: Deno 2.4 Yeah, that was my point, default deny vs default allow. If you can default deny, then you're good. It's kind of a junior sysadmin mistake, otherwise, I would say.

bugtodiffer 9 months ago [–]

There are usecases like SSRF where I want to allow any IP, except for my internal network. They promise they can do that, but they cant.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact