- Published on
Oxeye’s security research team has found a security vulnerability in Golang-based applications. Under certain conditions, it lets a threat actor bypass validations based on HTTP request parameters due to the use of unsafe URL parsing.
Http
- Published on
还是写篇文章讨论一下这个事。文章包括如下部分: - 为什么要用不同的HTTP动词?- REST API进行复杂查询 - 几个主要问题的回应- Published on
如何在HTTP头里找工作- Published on
HTTP 协议(Hypertext Transfer Protocol)已经成为互联网上最常用的应用层协议,然而其本身只是用于传输超文本的网络协议,不会提供任何安全上的保证,使用明文在互联网上传输数据包使得窃听和中间人攻击成为可能,通过 HTTP 传输密码其实与在互联网上裸奔也差不多。- Published on
HTTP/3 is the next protocol for network communication across the Web, which is meant to partially replace HTTP/1 and HTTP/2. One month before the next QUIC Working Group meeting, to be held in Zurich next February, it may be useful to recap what HTTP/3 promises and what its current client/server support looks like.- Published on
When building web services, a common wisdom is to try to reduce the number of HTTP requests to improve performance. There are a variety of benefits to this, including less total bytes being sent, but the...- Published on
An activity diagram to describe the resolution of HTTP response status codes, given various headers. - GitHub - for-GET/http-decision-diagram: An activity diagram to describe the resolution of HTTP...- Published on
分享一个网站: How HTTPS works- Published on
wrk - a HTTP benchmarking tool wrk is a modern HTTP benchmarking tool capable of generating significant load when run on a single multi-core CPU. It combines a multithreaded design with scalable event...- Published on
https://github.com/tsenart/vegeta- Published on
- Published on
Now available in Chinese (yes, you read that right)So… You want to write an HTTP server. Well, you’re in luck, The Internet Engineering Task Force (IETF) is here to help us. Whenever they’re not fighting with...