Forum Discussion
Mohamed_Lrhazi
Jul 25, 2014Altocumulus
Host header is one part of "http request", there is no "host" info in a header, then another in the "request".
disgruntled employee can download plugins to firefox or chrome and craft whatever headers or requests he needs, no need to mess with their /etc/hosts. If one can wipe out everything, when they should not have been allowed to, than that a bigger issue you have. Your system needs to securely authenticate people, then apply authorization policies so they access just what the need to access...
Unless I totally misunderstood your question, which happens to me often. Sorry.