Hello, run requests in a loop with
X-Forwarded-Host: your_hackerz_site.com - after some time you will notice in the response
X-Forwarded-Host - our URL will still be there:
I logged in to my VPS to verify this bug and downloaded the poisoned page (https://www.shopify.com/partners/blog/7-web-design-and-development-awards-you-should-enter); it contains links to Collaborator:
Looks like there are no URL keys, so I stopped testing because I'm breaking site functionality, but it would be worth checking if we can poison with
X-Forwarded-Host : foobar.pl"><img src=x onerror=blah> or try to use other headers. If I get permission I can try other vectors on an older article to prevent disturbing users.
Poisoning links, e.g. the FB share button:
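
Added example, not part of the original report and not Shopify's code: a toy model of the behaviour described above, where a shared cache keys only on the path while the origin builds links from X-Forwarded-Host, shown beside a hardened renderer that resolves the host against an allowlist. The host names, the allowlist and all function names are assumptions constructed for illustration.

```python
from html import escape

# Constructed values for illustration (assumptions, not from the report).
CANONICAL_HOST = "www.example.test"
ALLOWED_HOSTS = {CANONICAL_HOST}


def resolve_host(headers, trust_forwarded=False):
    """Pick the host for absolute links; fall back to the canonical one."""
    candidate = headers.get("Host", "")
    if trust_forwarded:
        candidate = headers.get("X-Forwarded-Host", candidate)
    host = candidate.strip().lower()
    # Anything not on the allowlist (other domains, markup) is discarded.
    return host if host in ALLOWED_HOSTS else CANONICAL_HOST


def render_vulnerable(path, headers):
    """Reflects the client-supplied header straight into the page."""
    host = headers.get("X-Forwarded-Host", headers.get("Host", ""))
    return f'<a href="https://{host}{path}">share</a>'


def render_hardened(path, headers):
    """Uses only an allowlisted host and escapes what goes into the attribute."""
    host = resolve_host(headers, trust_forwarded=True)
    return f'<a href="https://{escape(host, quote=True)}{escape(path, quote=True)}">share</a>'


class Cache:
    """Toy shared cache keyed on path only, so X-Forwarded-Host is unkeyed."""

    def __init__(self, render):
        self.render = render
        self.store = {}

    def get(self, path, headers):
        if path not in self.store:
            self.store[path] = self.render(path, headers)
        return self.store[path]


def demo(render):
    """First request carries a foreign host; return what the next visitor gets."""
    cache = Cache(render)
    cache.get("/blog/post", {"Host": CANONICAL_HOST, "X-Forwarded-Host": "other-host.invalid"})
    return cache.get("/blog/post", {"Host": CANONICAL_HOST})
```

With the vulnerable renderer the second visitor receives the cached foreign host; with the hardened one the cached page only ever contains the canonical host, whatever the first request sent.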