This Time We Might Really Say Goodbye to HTTP

This Time We Might Really Say Goodbye to HTTP

Hello everyone, I am ConardLi. On August 16, the official Chromium blog announced that it will attempt to default all website protocols to HTTPS (even if users actively access via HTTP). This experiment has already been initiated in Chrome 115. As you may have noticed, over the past few years, most websites have been transitioning … Read more

Google Officially Abandons HTTP, Marking All as Insecure Starting July

Google Officially Abandons HTTP, Marking All as Insecure Starting July

(Click the public account above to quickly follow) Source: NetEase Technology http://tech.163.com/18/0209/07/DA6GET0600097U7R.html According to foreign media Venturebeat, Google announced today that starting in July this year, the address bar of the Chrome browser will mark all HTTP sites as insecure. This is the third step in Google’s campaign against HTTP sites. HTTPS is the upgraded … Read more

Differences Between HTTP and HTTPS

Differences Between HTTP and HTTPS

HTTP (HyperText Transfer Protocol) and HTTPS (HyperText Transfer Protocol Secure) have the following main differences: 1. Security HTTP: Transmits in plaintext, data is unencrypted and vulnerable to man-in-the-middle attacks (such as eavesdropping, tampering, hijacking). HTTPS: Uses SSL/TLS encryption, ensuring that data is encrypted during transmission, enhancing security. 2. Port HTTP: Default port is 80. HTTPS: … Read more

Bypassing WAF at the HTTP Protocol Level

Bypassing WAF at the HTTP Protocol Level

PS: This article is for technical analysis only and is prohibited for other illegal uses. First, let me introduce myself. I’m a novice who started learning Web penetration testing in 2017. The reason? Of course, my own website was hacked… Getting to the point, as security awareness increases, enterprises are paying more attention to the … Read more

HttpOnly Defense Against XSS

HttpOnly Defense Against XSS

Disclaimer This article is for academic research purposes only and should not be used on real unauthorized websites. Any illegal use is not related to the platform or the author of this article, and you must take responsibility! What is HttpOnly HttpOnly is a boolean attribute in the Set-Cookie response header. Once added, the browser … Read more

Decoding the New Features of HTTP/2 and HTTP/3

Decoding the New Features of HTTP/2 and HTTP/3

Author | Frontend Craftsman Editor | Zhang Zhidong, Wang Wenjing HTTP/2 has significantly improved web performance compared to HTTP/1.1, requiring only an upgrade to this protocol to reduce many of the performance optimizations that were previously necessary. Of course, compatibility issues and how to gracefully downgrade are likely among the reasons it is not yet … Read more

Choosing Between HTTP and HTTPS for Website Construction: Should You Use www or Not?

Choosing Between HTTP and HTTPS for Website Construction: Should You Use www or Not?

In website construction, the choice of URL needs to be considered from multiple perspectives including security, SEO, and user experience. Here are specific recommendations: 1. HTTP VS HTTPS It is strongly recommended to choose HTTPS for the following reasons: – Security: HTTPS encrypts data transmission through SSL/TLS, preventing information from being stolen or tampered with … Read more

Mastering HTTPS: Theory and Practice

Mastering HTTPS: Theory and Practice

1. Basic Concepts HTTP: is the most widely used network protocol on the Internet, serving as a standard for requests and responses between clients and servers. It is a protocol used to transfer hypertext from WWW servers to local browsers, making browsing more efficient and reducing network transmission. HTTPS: is a secure version of HTTP, … Read more

Notes on Understanding HTTP

Notes on Understanding HTTP

Notes on Understanding HTTP ❝ This is the 285th article in the series on growth by Guoxing. ❞ (1) Reading Understanding HTTP The duration is three weeks from July 11 to July 31. 1. Why Learn HTTP? The front end (client) displays pages and interactions; The back end (server, logic code, data) completes function writing … Read more

Understanding HTTPS and SSL/TLS Protocols

Understanding HTTPS and SSL/TLS Protocols

To clearly explain the implementation principles of the HTTPS protocol, we need to understand at least the following background knowledge. 1. A rough understanding of several basic terms (HTTPS, SSL, TLS) 2. A rough understanding of the relationship between HTTP and TCP (especially “short connection” vs. “long connection”) 3. A rough understanding of the concept … Read more