HTTP/1.1 must die: the desync endgame

Abstract Upstream HTTP/1.1 is inherently insecure and regularly exposes millions of websites to hostile takeover. Six years of attempted mitigations have hidden the issue, but failed to fix it. This p

---

文章来源: https://portswigger.net/research/http1-must-die