Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning
This blog post describes an example practical application of the ‘HTTP 301 Cache Poisoning” attack that can be used by a malicious Tor exit node to disclose real IP address of chosen clients.