A security researcher discovered that bots search of Apple that detected his podcast series had leaked internal IPs due to a misconfigured proxy.
For its part, Apple took a little over 9 months to fix this leak, for no apparent reason.
Applebot refers to Apple's web crawler that scans the web to find content for its users.
"Applebot is the web crawler for Apple. "Products like Siri and Spotlight Suggestions use Applebot," according to Apple.
Last month, security researcher and podcast creator David Coomber discovered that Applebot had used a proxy that leaked Apple's internal IP addresses.
A sample request made on the Coomber website contained both headers that revealed the internal IP address of the device behind the proxy server.
The fields listed respectively are the external IP address of the proxy server, the route requested, the codeς απόκρισης HTTP, οι πληροφορίες του παράγοντα χρήστη του προletterof the web browser and the Via and X-Forwarded-For header values.
“Although I've seen some bots that weren't set up properly, I was surprised to see Apple's Podcast bot looking for updates on my podcast (Deep House Mixes) using a proxy that displayed internal IPs and hostnames from "Via", "X - Forwarded-For".
