Tag: http2

CVE-2023-44487 HTTP2 vulnerability

Recently, the security circle announced a 0day vulnerability, CVE-2023-44487, that uses the HTTP/2 fast reset mechanism to carry out DDoS attacks. Since the HTTP/2 protocol has been widely used on the Internet, this vulnerability has attracted widespread attention in the industry once it was released. . As we introduced in the previous article, Leichi WAF […]

In-depth analysis of the vulnerability principle-CVE-2023-44487 HTTP2

Recently, the security circle announced a 0day vulnerability, CVE-2023-44487, that uses the HTTP/2 fast reset mechanism to carry out DDoS attacks. Since the HTTP/2 protocol has been widely used on the Internet, this vulnerability has attracted widespread attention in the industry once it was released. . As we introduced in the previous article, Leichi WAF […]

Vulnerability CVE-2023-44487 HTTP2

Recently, the security circle announced a 0day vulnerability, CVE-2023-44487, that uses the HTTP/2 fast reset mechanism to carry out DDoS attacks. Since the HTTP/2 protocol has been widely used on the Internet, this vulnerability has attracted widespread attention in the industry once it was released. . As we introduced in the previous article, Leichi WAF […]

http2/push chrome removal support

# chrome removal support https://www.ctrl.blog/entry/http2-push-chromium-deprecation.html#:~:text=Server push is an optional feature introduced in, times. It also enables use-cases like instant redirects. go code example -assets folder -app2 -css main.css -js main.js index.html main.go index.html <!DOCTYPE html> <html lang=”en”> <head> <meta charset=”UTF-8″> <meta name=”viewport” content=”width=device-width, initial-scale=1.0″> <link rel=”icon” href=”/public/favicon.ico” type=”image/x-icon” /> <link rel=”stylesheet” href=”/public/css/main.css” /> <title>File Server</title> […]

Complete analysis of HTTP2 protocol

The HTTP protocol has undergone many revisions and changes since its birth. HTTP/2 has undergone revolutionary changes compared to HTTP/1.0 and HTTP/1.1. It can also be seen from its major version number changing from 1 to 2. A huge upgrade, HTTP/2 mainly solves the problem of low interaction efficiency of HTTP/1.x protocol. HTTP uses TCP […]

HTTP2 connectivity test

Introduction to HTTP/2 HTTP: HTTP/1.X – High Performance Browser Networking (O’Reilly) HTTP/2 (Hypertext Transfer Protocol version 2, originally named HTTP 2.0), referred to as h2 (encrypted connection based on TLS/1.2 or above) or h2c (unencrypted connection), HTTP/2 is the third version of the HTTP protocol Two major versions, used to transfer data between Web servers […]

HTTP2 HPACK header compression

Foreword In the HTTP/1.x era, only the message body supports compression, because generally speaking, the message body is usually larger than the header. Compressing the message body can reduce the size of the data packet and improve transmission performance. But after long-term observation, people found that there are a lot of repeated data in the […]

Netty encodes and decodes HTTP2 Frame

Foreword In the era of HTTP/1.x, HTTP is a text protocol, simple and direct, human-friendly and readable. The header and body are distinguished by line breaks, which is inefficient and error-prone for computers to process. HTTP2 breaks this tradition. It does not change the semantics of the HTTP protocol. The request response still has a […]