The just of the matter is we currently blindly trust the external data source: https://api.ipify.org/
We assume the request goes to actually https://api.ipify.org/ but don't plan for the below.
what if the local DNS is corrupted and https://api.ipify.org/ for the PC is currently pointed to an attacker controlled server?
ensure the request can be made without blocking input
Ensure the result is actually a properly valid p address. Also strip anything out that follows after.
Enforce a timeout on the Http request.;
The just of the matter is we currently blindly trust the external data source: https://api.ipify.org/
We assume the request goes to actually https://api.ipify.org/ but don't plan for the below.
what if the local DNS is corrupted and https://api.ipify.org/ for the PC is currently pointed to an attacker controlled server?
ensure the request can be made without blocking input
Ensure the result is actually a properly valid p address. Also strip anything out that follows after.
Enforce a timeout on the Http request.;