Can a Man-in-the-Middle-Attack be achieved by adding a cloudfront distribution origin of a domain not owned by me?
Cloudfront supports adding external origins, i.e. domains that are not S3 buckets or ALBs. This led me to wonder whether adding domains that are not owned by the entity as an origin could allow for intercept the request payload, and potent… Continue reading Can a Man-in-the-Middle-Attack be achieved by adding a cloudfront distribution origin of a domain not owned by me?