#http

@ubuntu.activitypub.awakari.com.ap.brid.gy

2 days ago

Nessus 10.11 Auto Installer for Ubuntu 24.04 - Nessus 自动化安装程序 (updated Feb 2026) - sysin | 软件与技术分享 | SYStem INside Nessus 10.11 Auto Installer for Ubuntu 24.04 - Nessus 自动化安装程序 (updated Feb 2026) - sysin | 软件与技术分享 | SYStem INside

Nessus 10.11 Auto Installer for Ubuntu 24.04 - Nessus 自动化安装程序 (updated Mar 2026) 请访问原文链接： Nessus 10.11 Auto Installer for Ubuntu 24.04 - Nessus 自动化安装程序 (...

#HTTP #Linux #Security

Origin | Interest | Match

0 0 0 0

linux

@linux.activitypub.awakari.com.ap.brid.gy

2 days ago

Nessus 10.11 Auto Installer for RHEL 9 | RHEL 10 - Nessus 自动化安装程序 (updated Mar 2026) 请访问原文链接： Nessus 10.11 Auto Installer for RHEL 9 | RHEL 10 - Nessus 自动化安装...

#HTTP #Linux #Security

Origin | Interest | Match

0 0 0 0

@kkocel.bsky.social

3 days ago

Wednesday Links - Edition 2026-03-11 Java 26 for DevOps (2 min)☕ https://inside.java/2026/03/02/jdk-26-rn-ops/ HTTP Client Updates in...

Wednesday Links - Edition 2026-03-11
dev.to/0xkkocel/wed...
#java #jvm #http #springboot #dpop #quarkus #postgres #claude

2 1 0 0

Jan Schaumann

@jschauma.mstdn.social.ap.brid.gy

3 days ago

Original post on mstdn.social

System Administration: Week 7: DNS & HTTP

We're moving from the DNS on to HTTP. Sorry, no videos for this subtopic, but here are the slides from our last class. We discuss how to get your domain registered and then move on to summarize briefly HTTP the protocol and look at what CDNs do […]

0 2 0 0

randomMDN

@randommdn.front-end.social.ap.brid.gy

5 days ago

Original post on front-end.social

🦖 Sec-WebSocket-Protocol header
✅ Widely available (from Jul 2015)

developer.mozilla.org/en-US/docs/Web/HTTP/Refe...

The HTTP Sec-WebSocket-Protocol request and response header is used in the WebSocket opening handshake to negotiate a sub-protocol to […]

1 0 0 0

Pieter Claerhout

@yellowduck.be

5 days ago

Cross-site request forgery #html #http #reading-list

🔗 Cross-site request forgery

#html #http #reading-list

2 1 0 0

linux

@linux.activitypub.awakari.com.ap.brid.gy

1 week ago

Metasploit Framework 6.4.115 (macOS, Linux, Windows) - 开源渗透测试框架 - sysin | 软件与技术分享 | SYStem INside Metasploit Framework 6.4.115 (macOS, Linux, Windows) - 开源渗透测试框架 - sysin | 软件与技术分享 | SYStem INside

Metasploit Framework 6.4.120 (macOS, Linux, Windows) - 开源渗透测试框架请访问原文链接： Metasploit Framework 6.4.120 (macOS, Linux, Windows) - 开源渗透测试框架查看最新...

#HTTP #Linux #macOS #Security #Windows #Rapid7

Origin | Interest | Match

0 0 0 0

linux

@linux.activitypub.awakari.com.ap.brid.gy

1 week ago

Metasploit Pro 5.0.0 (Linux, Windows) 发布 - 专业渗透测试框架 - sysin | 软件与技术分享 | SYStem INside Metasploit Pro 5.0.0 (Linux, Windows) 发布 - 专业渗透测试框架 - sysin | 软件与技术分享 | SYStem INside

Metasploit Pro 5.0.0 (Linux, Windows) 发布 - 专业渗透测试框架请访问原文链接： Metasploit Pro 5.0.0 (Linux, Windows) 发布 - 专业渗透测试框架查看最新版。

#HTTP #Linux #Security #Windows #Rapid7

Origin | Interest | Match

0 0 0 0

kalvn

@kalvn.net

1 week ago

CSRF Protection without Tokens or Hidden Form Fields A couple of months ago, I received a request from a random Internet user to add CSRF protection to my little web framework Microdot, and I thought it was a fantastic idea.When I set off to do this…

Protection anti CSRF à l'aide du header `Sec-Fetch-Site`.

🔗 blog.miguelgrinberg.com/post/csrf-protection-wit...

#csrf #HTTP #sécurité

0 0 0 0

DanQ.me

@blog.m.danq.me.ap.brid.gy

1 week ago

Original post on danq.me

[Repost: I Am Experimenting with Blocking HTTP1.1]

Andrew Stephens has added Caddy configuration to prohibit HTTP/1 clients from accessing most of the pages of his website. I decided to probe it and see how that works.
Read more […]

0 0 0 0

fluffy 💜

@fluffy.plush.city.ap.brid.gy

1 week ago

Why I dislike .well-known There is a growing trend for new protocols to express themselves in the form of a well-known URI. It’s seen as an easy place to stash something where other interoperable software might want to probe for protocol support, as an improvement to the old ad-hoc behavior of things like `robots.txt` and `favicon.ico` and the like. I am not personally a fan of it, for a few reasons. The big one is that it means that all discovery for all uses of a protocol must be uniform across all areas on a single domain. For example, if you have URLs like `https://example.com/~alice/` and `https://example.com/~bob/` and both of them want to support the `foo` protocol, then `https://example.com/.well-known/foo` needs to have some means of distinguishing the two. And the way of doing that can be tricky. Do you have something like `https://example.com/.well-known/foo?resource=/~alice/`? How do you deal with path normalization (e.g. `/~alice` vs `~alice/` vs. `~alice/homepage.html`)? Do you have to consider things like cross-domain attacks? What if multiple users on a tilde site want to support different sets of protocols, or use different implementations? Putting things into the query string (the most typical approach for this) also means that you’re going to have to have some sort of dynamic mapping or request routing, which means this can’t work with purely static hosting. It also means that you might have to probe for this protocol support across every single URL being accessed on a domain. Another concern is that every protocol you want to support requires a separate HTTP request, and these things can add up pretty quickly. For example, whenever I post an article to my website and it goes out on my Mastodon feed, I get many dozens of Mastodon instances each probing an absolute litany of related URLs trying to determine whether this is a Mastodon instance or similar, and sometimes this ends up even overwhelming my server. Even without that, I’m getting a constant flood of requests for things like `/.well-known/traffic-advice` and `/.well-known/wp-login.php` and the like. A much better approach, in my opinion, is to have the discovery baked into the resource itself. In HTML you can use the `<link>` tag (e.g. `<link rel="foo" href="/~alice/foo-support.xml">`)1 and in HTTP in general you can use the `Link:` header (e.g. `Link: <https://example.com/%7Ealice/foo-support.xml>; rel=foo`). A single HTTP request can tell a client about _all_ possibly-supported protocols, all at once, and it can be baked in statically and thus supports static hosting. It also means there is no special case for handling multiple resources across a single domain, and if two pages have the exact same link target it can also be inferred that they are the same as far as that protocol is concerned. One concern that comes up is that of page bloat, when every page needs to include a bunch of `<link>` tags to express a growing list of supported protocols. This is, to me, a non-issue; for starters, you’re only declaring the protocols that you actually support, and it’s a single point of reference for all clients to discover all of the supported protocols. But also, the amount of bandwidth added to a page for even a few dozen protocols is miniscule compared to the amount of bandwidth taken by other accepted optimizations, such as inline CSS and `data:` blobs for images, as well as the bandwidth taken up by the incessant `.well-known` probes that are taking place at this point. A suite of related protocols could also be offered as a forwarding URL, such as IndieAuth’s current practice of bundling it all together into indieauth-metadata. This does require an extra HTTP request, but it only has to happen once, as that URL is extremely cacheable. The IndieWeb wiki has more to say about the growing usage of `.well-known` and why it’s considered an antipattern. As an aside, I am also not a fan of Webfinger, because not only does it require `.well-known` to work, but it attempts to flatten a namespace in ways that are difficult to deal with. On this website, you can easily get the update feed for any given section by discovering its `rel="alternate"` URLs, but there is no such mechanism in Webfinger; you can follow _the site as a whole_ as `@beesbuzz.biz@beesbuzz.biz` (thanks to Bridgy Fed) but you can’t follow just the `/code/` section, for example. There are some hacks such as making `@code@beesbuzz.biz`, `@comics@beesbuzz.biz` and so on, but then what about nested subdirectories (e.g. `/food/coffee/`)? Why not just use the URL itself as the specifier? With `<link>`-based discovery, you already can, and there’s nothing special about it. So, anyway: When designing a new protocol, please consider _not_ using `.well-known` URLs for discovery purposes. Let the URL itself provide its own information. 1. In some cases, such as content feeds, it can be a bit unclear as to whether you should use an existing `rel` (such as `alternate`) with an appropriate `type` to disambiguate, or if you should invent a new `rel`, but that’s a much smaller problem than those caused by `.well-known` creep. ↩ The general rule of thumb seems to be that if you’re designing an active interface-type protocol (e.g. something with a specific RESTful API), you should invent a new `rel`, and if you’re designing a feed format or other such alternate representation of a page’s content you should use `rel="alternate"`, although that does require some interpolation of the MDN Link Types document and the general common practices across the IndieWeb and Microformats communities.

busybee: Code: Why I dislike .well-known beesbuzz.biz/code/6987-Why-I-dislike-... #Internet #Code #HTTP #Web

0 0 0 0

Firefox

@firefox.activitypub.awakari.com.ap.brid.gy

1 week ago

Beyond Static Resources: Delta Compression for Dynamic HTML Compression Dictionary Transport (RFC 9842), authored by Patrick Meenan and Yoav Weiss, lets browsers...

Beyond Static Resources: Delta Compression for Dynamic HTML Compression Dictionary Transport ( RFC 9842 ), authored by Patrick Meenan and Yoav Weiss, lets browsers use previously seen content as co...

#webperf #http #compression

Origin | Interest | Match

0 0 0 0

Firefox

@firefox.activitypub.awakari.com.ap.brid.gy

1 week ago

Beyond Static Resources: Delta Compression for Dynamic HTML Compression Dictionary Transport (RFC 9842), authored by Patrick Meenan and Yoav Weiss, lets browsers...

Beyond Static Resources: Delta Compression for Dynamic HTML Compression Dictionary Transport ( RFC 9842 ), authored by Patrick Meenan and Yoav Weiss, lets browsers use previously seen content as co...

#webperf #http #compression

Origin | Interest | Match

0 0 0 0

SearchEngine

@searchengine.activitypub.awakari.com.ap.brid.gy

1 week ago

Original post on infoq.com

Cloudflare Debuts Markdown for Agents and Content Signals to Guide AI Crawlers Cloudflare has introduced “Markdown for Agents,” a feature that lets AI crawlers request Markdown versions of web ...

#Web #Data #Privacy #Agents #HTTP #Cloudflare #AI, #ML #& #Data […]

[Original post on infoq.com]

0 0 0 0

SearchEngine

@searchengine.activitypub.awakari.com.ap.brid.gy

1 week ago

Original post on infoq.com

Cloudflare Debuts Markdown for Agents and Content Signals to Guide AI Crawlers Cloudflare has introduced “Markdown for Agents,” a feature that lets AI crawlers request Markdown versions of web ...

#HTTP #Cloudflare #Agents #Web #Data #Privacy #AI, #ML #& #Data […]

[Original post on infoq.com]

0 0 0 0

linux

@linux.activitypub.awakari.com.ap.brid.gy

1 week ago

Nexpose 8.38.0 for Linux & Windows - 漏洞扫描 - sysin | 软件与技术分享 | SYStem INside Nexpose 8.38.0 for Linux & Windows - 漏洞扫描 - sysin | 软件与技术分享 | SYStem INside

Nexpose 8.38.0 for Linux & Windows - 漏洞扫描请访问原文链接： Nexpose 8.38.0 for Linux & Windows - 漏洞扫描查看最新版。

#HTTP #Linux #Security #Windows #Rapid7

Origin | Interest | Match

0 0 0 0

Random MDN

@random-mdn.bsky.social

1 week ago

Permissions-Policy: gyroscope directive The HTTP Permissions-Policy header gyroscope directive controls whether the current document is allowed to gather information ab…

🦖 Random MDN: Permissions-Policy: gyroscope directive 🦖

developer.mozilla.org/en-US/docs/Web/HTTP/Refe...

The HTTP Permissions-Policy header gyroscope directive controls whether the current document is allowed to gather information ab…

#webdev #HTTP

1 0 0 0

Веб-стандарты

@web-standards.ru

1 week ago

Заголовок «Dictionary Compression is finally here, and it’s ridiculously good», теги HTTP и Performance, страница словаря со статьёй «technology».

Словарное сжатие наконец здесь, и результаты впечатляют. Тим Перри показывает, как Compression Dictionary Transport уменьшает JS-бандлы до 90% для повторных посетителей. Уже в продакшене у Google, Shopify и Pinterest. #performance #http

httptoolkit.com/blog...

0 0 0 0

Web Standards

@web-standards.dev

1 week ago

“Dictionary Compression is finally here, and it’s ridiculously good” title, HTTP and Performance tags, and a close-up of a dictionary page with the “technology” entry.

Dictionary compression is finally here, and it’s ridiculously good. Tim Perry shows how Compression Dictionary Transport can shrink JS bundles up to 90% for returning users. Already used by Google, Shopify, and Pinterest in production. #performance #http

httptoolkit.com/blog...

8 1 0 1

WindowsCult

@windowscult.com

1 week ago

What are Key Differences Between HTTP and HTTPS

HTTP (Hypertext Transfer Protocol) is an insecure method for transmitting data in plain text, making it vulnerable to interception. HTTPS (HTTP Secure) uses SSL/TLS encryption to protect data in transit, providing confidentiality and integrity.
#Internet #security #encryption #HTTPS #HTTP #Tech

1 0 0 0

Cees-Jan Kiewiet

@wyrihaxim.us

1 week ago

Timberborn added HTTP support in their latest version. Both sending and receiving requests. Just a URL, no body or anything. But that is enough to have it signal my @home-assistant.io instance about whether I have enough logs or not in stock.

#timberborn #homeassistant #HTTP #GET

1 0 1 0

Random MDN

@random-mdn.bsky.social

1 week ago

User-Agent reduction User-Agent reduction is a broadly accepted browser initiative to reduce the amount of privacy-sensitive information provided in user agent (UA) strings.

🦖 Random MDN: User-Agent reduction 🦖

developer.mozilla.org/en-US/docs/Web/HTTP/Guid...

User-Agent reduction is a broadly accepted browser initiative to reduce the amount of privacy-sensitive information provided in user agent (UA) strings.

#webdev #HTTP

2 1 0 0

dusoft

@dusoft.fosstodon.org.ap.brid.gy

2 weeks ago

451: Unavailable due to legal reasons We recognize you are attempting to access this website from a country belonging to the European Economic Area (EEA) including the EU which enforces the General Data Protection Regulation (GDPR) and therefore access cannot be granted at this time. For any issues, call 770-382-4545.

Probably the first time I see the HTTP code 451 used in the wild.
#http #web #openweb #legal #code

1 1 0 0

randomMDN

@randommdn.front-end.social.ap.brid.gy

2 weeks ago

226 IM Used - HTTP | MDN The HTTP 226 IM Used successful response status code indicates that the server is returning a delta in response to a GET request. It is used in the context of HTTP delta encodings.

🦖 226 IM Used 🦖

developer.mozilla.org/en-US/docs/Web/HTTP/Refe...

The HTTP 226 IM Used successful response status code indicates that the server is returning a delta in response to a GET request. It is used in the context of HTTP delta encodings.

#webdev #HTTP

0 0 0 0

Random MDN

@random-mdn.bsky.social

2 weeks ago

Service-Worker-Allowed header The HTTP Service-Worker-Allowed response header is used to broaden the path restriction for a service worker's default scope.

🦖 Random MDN: Service-Worker-Allowed header 🦖

developer.mozilla.org/en-US/docs/Web/HTTP/Refe...

The HTTP Service-Worker-Allowed response header is used to broaden the path restriction for a service worker's default scope.

#webdev #HTTP

1 0 0 0

shevabam

@shevabam.bsky.social

2 weeks ago

Avoir une explication rapide des codes HTTP dans le terminal - Info... En tant que développeur, vous êtes amené à connaître la signification des codes HTTP les plus courants. Cependant, parfois, il s'avère qu'on ne se souvienne plus exactement de la définition d'un st...

A relire : Avoir une explication rapide des codes HTTP dans le terminal

blog.shevarezo.fr/post/2018/07/20/explicat...

#terminal #web #http #webdev #python #devops

0 0 0 0

iRODS

@irods.org

2 weeks ago

GitHub - irods/irods_client_http_python Contribute to irods/irods_client_http_python development by creating an account on GitHub.

The new iRODS HTTP API Python Wrapper Library v0.1.0 is released!

github.com/irods/irods_...

Via PyPI:
pip install irods-http

#python #irods #http #pypi

2 0 0 0

Pieter Claerhout

@yellowduck.be

2 weeks ago

Claude: Speed up responses with fast mode #ai #http #reading-list

🔗 Claude: Speed up responses with fast mode

#ai #http #reading-list

0 0 0 0

Mozilla

@mozilla.activitypub.awakari.com.ap.brid.gy

2 weeks ago

Awakari App

#HTTP #(WWW) #> #Internet

Origin | Interest | Match

0 0 0 0

Kubernetes

@kubernetes.activitypub.awakari.com.ap.brid.gy

2 weeks ago

[Перевод] Read-only-права в Kubernetes, позволяющие выполнить любой код: разбор критической уязвимости в популярных He...

#kubernetes #nodes-proxy #GET #API #Server #Proxy #Kubelet #API #verbs #глаголы #HTTP

Origin | Interest | Match

1 0 0 0

Posts tagged #http