Doing some QA on these web handlers I wrote. Trying all sorts of stupid combinations just in case I forgot something: None of them should do anything unless the client presents a valid session cookie. And only a few combinations of header parameters are valid.

Staying alive?

Identity in Entra ID wooo

Soc pinging us about a Fortigate with a management console on a public IP.

Yea. Not a fun day.