| ▲ | nl 3 hours ago | |
Sure, but the practical form of this attack is limited. You can't maliciously embed it in a site you control to either steal map usage or run up their bill because other people's web browsers will send the correct host header. That means you can use a botnet or similar to request it using a a script. But if you are botnetting Google will detect you very quickly. | ||
| ▲ | KomoD 2 hours ago | parent [-] | |
> But if you are botnetting Google will detect you very quickly. They don't do anything against that. | ||