Disallow search for CNAME in particular #113089
Unanswered
nickyreinert
asked this question in
Code Search and Navigation
Replies: 1 comment
-
Thanks for the feedback, but there are valid reasons to search for |
-
Select Topic Area
Product Feedback
Body
Context:
GitHub Pages uses CNAME files inside a repo containing a given domain name and an A record that points the particular domain name to GitHub's IP addresses.
Suggestion
While GitHub points to the risk of wildcard A records for domains in its documentation (https://docs.github.com/en/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages), I think it is not known or obvious to everyone that wildcard records allow one to easily take over foreign subdomains.
Although the web UI and the API somehow limit code search, it is still possible to search for "CNAME" on GitHub and therefore easily find possible targets to take over subdomains.
That's why I suggest that it shouldn't be possible to search for this exact keyword "CNAME" at all.
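A defensive check for the wildcard-record risk raised in the post above, added here as an example (it is not part of the original discussion or GitHub's code): it scans a DNS zone file you control for wildcard records that point at GitHub Pages. The sample zone is constructed, the function names are hypothetical, and the address list is an assumption to verify against GitHub's current documentation.

```python
# Assumption: GitHub Pages apex A-record addresses as listed in GitHub's
# documentation; confirm against the current docs before relying on them.
GITHUB_PAGES_A = {
    "185.199.108.153", "185.199.109.153",
    "185.199.110.153", "185.199.111.153",
}

# Constructed sample zone for example.org (not real data).
SAMPLE_ZONE = """\
; constructed sample zone
@      3600 IN A     185.199.108.153
www    3600 IN CNAME example-user.github.io.
*      3600 IN A     185.199.109.153
*.dev       IN CNAME example-user.github.io.
mail   3600 IN A     192.0.2.10
*.int  3600 IN A     192.0.2.20
"""

def parse_records(zone_text):
    """Yield (owner, rtype, rdata) for simple one-line records.

    Assumes every record states its owner name explicitly and fits on one line.
    """
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments
        if not line or line.startswith("$"):     # skip blanks and $ORIGIN/$TTL
            continue
        owner, *rest = line.split()
        # Skip the optional TTL and class fields.
        while rest and (rest[0].isdigit() or rest[0].upper() in ("IN", "CH", "HS")):
            rest = rest[1:]
        if len(rest) >= 2:
            yield owner, rest[0].upper(), rest[1]

def points_at_pages(rtype, rdata):
    """True if the record data targets GitHub Pages."""
    if rtype == "A":
        return rdata in GITHUB_PAGES_A
    if rtype == "CNAME":
        return rdata.lower().rstrip(".").endswith(".github.io")
    return False

def risky_wildcards(zone_text):
    """Return wildcard records that send every unclaimed subdomain to Pages."""
    return [(o, t, d) for o, t, d in parse_records(zone_text)
            if o.startswith("*") and points_at_pages(t, d)]

if __name__ == "__main__":
    for owner, rtype, rdata in risky_wildcards(SAMPLE_ZONE):
        print(f"wildcard {owner} {rtype} -> {rdata}: replace with explicit names")
```

Each flagged record is a candidate for replacement with explicit per-subdomain records, combined with the domain verification described in the GitHub documentation linked in the post.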