THIS entry discusses the observation of HTTP requests containing the 'X-Vercel-Set-Bypass-Cookie' header directed at a honeypot. The header is associated with Vercel's testing features that allow for disabling certain security protections. The article details a specific request format and mentions that this header can be configured to either fully enable a cookie or set a 'same-site' property depending on user needs.
The header's potential misuse is noted, suggesting it could relax security settings, leading to risks such as secret exposure. The request was identified as being sent through an open proxy, indicating an attempt to hide the attacker's identity.