A security researcher discovered that Apple's search bots, which crawled his podcast series, were leaking internal IPs because of a misconfigured proxy server.
For its part, Apple took a little over 9 months to fix this leak, for no apparent reason.
Applebot is Apple's web crawler, the program that scans the web to find content for its users.
"Applebot is the web crawler for Apple. Products like Siri and Spotlight Suggestions use Applebot," according to Apple.
Last month, security researcher and podcaster David Coomber discovered that Applebot had used a proxy server that leaked Apple's internal IP addresses.
A sample request made to Coomber's website contained both headers, which revealed the internal IP address of the device behind the proxy server.
The fields listed respectively are the external IP address of the proxy server, the path requested, the HTTP response code, the web browser's user agent information, and the Via and X-Forwarded-For header values.
Although I've seen some bots that were not set up properly, I was surprised to see Apple's Podcast bot looking for updates on my podcast (Deep House Mixes) using a proxy that displayed internal IPs and hostnames from "Via", "X-Forwarded-For".
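One way to check logged requests for this kind of leak, as an added example that is not from the article or from Coomber: it flags internal addresses and proxy host names disclosed in the Via and X-Forwarded-For values. The tab-separated layout is an assumption that follows the field order described above, and the sample lines, host name and user agent are constructed.

```python
import ipaddress

# Assumed log layout (tab-separated), in the field order the article lists:
# proxy external IP, path, status, user agent, Via, X-Forwarded-For
FIELDS = ("remote_ip", "path", "status", "user_agent", "via", "xff")

# RFC 1918, loopback, link-local and IPv6 unique-local ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "fc00::/7")]


def as_internal_ip(token):
    """Return token as an IP string if it is an internal address, else None."""
    host = token.strip()
    if host.count(":") == 1:  # IPv4 address or host name followed by a port
        host = host.split(":")[0]
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return None  # a host name, "-" or other non-address token
    return str(ip) if any(ip in net for net in INTERNAL_NETS) else None


def via_received_by(via):
    """Return the received-by part of each Via entry ("1.1 host (comment)")."""
    parts = (entry.split() for entry in via.split(","))
    return [p[1] for p in parts if len(p) >= 2]


def audit(line):
    """Report internal IPs and proxy host names disclosed by one log line."""
    rec = dict(zip(FIELDS, line.rstrip("\n").split("\t")))
    via_hosts = via_received_by(rec.get("via", ""))
    candidates = rec.get("xff", "").split(",") + via_hosts
    leaked = sorted({ip for ip in map(as_internal_ip, candidates) if ip})
    names = [h for h in via_hosts if as_internal_ip(h) is None]
    return {"remote_ip": rec.get("remote_ip"), "internal_ips": leaked, "via_hosts": names}


# Constructed sample lines: documentation addresses and a .example host name.
SAMPLE = [
    "203.0.113.10\t/feed.xml\t200\tExampleBot/1.0\t1.1 proxy01.corp.example (squid)\t10.20.30.40",
    "198.51.100.7\t/feed.xml\t200\tExampleBot/1.0\t-\t-",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(audit(entry))
```

A proxy operator can run the same check on outbound test requests to confirm the forwarding headers are stripped or rewritten before traffic leaves the network.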