HTTP Host Header Protection
To improve security, Digital.ai Release 23.1 and later, includes measures to prevent HTTP Host Header Injection attacks from causing random redirects. You can now add the white-listed host names to the hostnames key in the xl-release.conf file.