.:\dGh/:.<p>Does you web app requires a 10MB JavaScript to work?</p><p>Not anymore!</p><p><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Compression_dictionary_transport" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">developer.mozilla.org/en-US/do</span><span class="invisible">cs/Web/HTTP/Guides/Compression_dictionary_transport</span></a></p><p><a href="https://mastodon.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JavaScript</span></a> <a href="https://mastodon.social/tags/ECMAScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ECMAScript</span></a> <a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebDevelopment</span></a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebDev</span></a> <a href="https://mastodon.social/tags/JS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JS</span></a> <a href="https://mastodon.social/tags/Programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Programming</span></a> <a href="https://mastodon.social/tags/WebBrowsers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebBrowsers</span></a> <a href="https://mastodon.social/tags/Browser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Browser</span></a> <a href="https://mastodon.social/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
en.osm.town is one of the many independent Mastodon servers you can use to participate in the fediverse.
An independent, community of OpenStreetMap people on the Fediverse/Mastodon.
Funding graciously provided by the OpenStreetMap Foundation.
Administered by:
Server stats:
268active users
en.osm.town: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#http
4 posts · 4 participants · 1 post today
iX Magazin<p>iX-Workshop API-Sicherheit: OWASP Top 10 API Security Risks</p><p>Lernen Sie hands-on, wie Sie Schwachstellen in der API-Implementierung vermeiden und Angriffe abwehren.</p><p><a href="https://www.heise.de/news/iX-Workshop-API-Sicherheit-OWASP-Top-10-API-Security-Risks-10339561.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/iX-Workshop-API-</span><span class="invisible">Sicherheit-OWASP-Top-10-API-Security-Risks-10339561.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://social.heise.de/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IdentityManagement</span></a> <a href="https://social.heise.de/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/iXWorkshops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iXWorkshops</span></a> <a href="https://social.heise.de/tags/OWASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OWASP</span></a> <a href="https://social.heise.de/tags/Schnittstellen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Schnittstellen</span></a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sicherheitslücken</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
iX Magazin<p>iX-Workshop: API-Design und -Entwicklung mit HTTP, REST und OpenAPI</p><p>Lernen Sie, wie man effiziente und benutzerfreundliche APIs entwickelt, HTTP- und REST-Standards anwendet und standardisierte Referenzdokumentationen erstellt.</p><p><a href="https://www.heise.de/news/iX-Workshop-API-Design-und-Entwicklung-mit-HTTP-REST-und-OpenAPI-10335051.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/iX-Workshop-API-</span><span class="invisible">Design-und-Entwicklung-mit-HTTP-REST-und-OpenAPI-10335051.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://social.heise.de/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/iXWorkshops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iXWorkshops</span></a> <a href="https://social.heise.de/tags/Softwareentwicklung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Softwareentwicklung</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
Felix Palmen :freebsd: :c64:<p>Trying to come up with my own little self-hosted <a href="https://mastodon.bsd.cafe/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> <a href="https://mastodon.bsd.cafe/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> <a href="https://mastodon.bsd.cafe/tags/daemon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>daemon</span></a> to work with <a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a>' "authentication request" facility ... first step done! 🥳</p><p>Now I have a subset of HTTP 1.x implemented in <a href="https://mastodon.bsd.cafe/tags/C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>C</span></a>, together with a dummy handler showing nothing but a static hello-world root document.</p><p>I know it's kind of stubborn doing that in C, but hey, <a href="https://mastodon.bsd.cafe/tags/coding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>coding</span></a> it is great fun 🙈 </p><p><a href="https://github.com/Zirias/swad" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Zirias/swad</span><span class="invisible"></span></a></p>
loganer<p><a href="https://mastodon.social/tags/Help" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Help</span></a> <a href="https://mastodon.social/tags/Web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Web</span></a> <a href="https://mastodon.social/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> </p><p>is there a tool I can give an ip and port to and it will do all the common HTTP requests?</p><p>then it should print out for each request,<br>expect:{ the content it expected in return from the server }<br>got:{ the content it actual got back from the server }</p><p>obviously regex for stuff that could be different.</p>
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕<p>Anubis: self hostable scraper defense software</p><p>Weigh the soul of incoming HTTP requests using proof-of-work to stop AI crawlers</p><p>🧙♀️ <a href="https://anubis.techaro.lol" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">anubis.techaro.lol</span><span class="invisible"></span></a></p><p><a href="https://chaos.social/tags/anubis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>anubis</span></a> <a href="https://chaos.social/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> <a href="https://chaos.social/tags/pow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pow</span></a> <a href="https://chaos.social/tags/stopai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>stopai</span></a> <a href="https://chaos.social/tags/ai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ai</span></a> <a href="https://chaos.social/tags/web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>web</span></a> <a href="https://chaos.social/tags/itsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>itsecurity</span></a> <a href="https://chaos.social/tags/proofofwork" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proofofwork</span></a> <a href="https://chaos.social/tags/antii" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>antii</span></a> <a href="https://chaos.social/tags/noai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>noai</span></a></p>
madiator2011<p><span>From: blenderdumbass . org<br><br>The multiplayer, or the lack there of, at the moment is so utterly broken and so lacking of being properly made that for a long time, I was just not bothering with it. Seeing it as something unnecessary. Something that does not need to be touched, because other things, like the...<br><br>Read or listen: </span><a href="https://blenderdumbass.org/articles/a_rant_about_making_a_multiplayer_game" rel="nofollow noopener noreferrer" target="_blank">https://blenderdumbass.org/articles/a_rant_about_making_a_multiplayer_game</a><span><br><br></span><a href="https://shark.madiator.com/tags/Gamedev" rel="nofollow noopener noreferrer" target="_blank">#Gamedev</a> <a href="https://shark.madiator.com/tags/DanisRace" rel="nofollow noopener noreferrer" target="_blank">#DanisRace</a> <a href="https://shark.madiator.com/tags/Networking" rel="nofollow noopener noreferrer" target="_blank">#Networking</a> <a href="https://shark.madiator.com/tags/Multiplayer" rel="nofollow noopener noreferrer" target="_blank">#Multiplayer</a> <a href="https://shark.madiator.com/tags/TCP" rel="nofollow noopener noreferrer" target="_blank">#TCP</a> <a href="https://shark.madiator.com/tags/HTTP" rel="nofollow noopener noreferrer" target="_blank">#HTTP</a> <a href="https://shark.madiator.com/tags/Programming" rel="nofollow noopener noreferrer" target="_blank">#Programming</a> <a href="https://shark.madiator.com/tags/Python" rel="nofollow noopener noreferrer" target="_blank">#Python</a> <a href="https://shark.madiator.com/tags/UPBGE" rel="nofollow noopener noreferrer" target="_blank">#UPBGE</a> <a href="https://shark.madiator.com/tags/Blender3d" rel="nofollow noopener noreferrer" target="_blank">#Blender3d</a> <a href="https://shark.madiator.com/tags/GNU" rel="nofollow noopener noreferrer" target="_blank">#GNU</a> <a href="https://shark.madiator.com/tags/Linux" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://shark.madiator.com/tags/GamingOnLinux" rel="nofollow noopener noreferrer" target="_blank">#GamingOnLinux</a> <a href="https://shark.madiator.com/tags/FreeSoftware" rel="nofollow noopener noreferrer" target="_blank">#FreeSoftware</a> <a href="https://shark.madiator.com/tags/OpenSource" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a></p>
heise Security<p>Cloudflare macht unsicherem HTTP den Garaus</p><p>Klartextkommunikation erlaubt auch Unbefugten Einsicht in Daten. Cloudflare unterstützt daher auch für API-Aufrufe kein HTTP mehr.</p><p><a href="https://www.heise.de/news/Cloudflare-macht-unsicherem-HTTP-den-Garaus-10328030.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Cloudflare-macht</span><span class="invisible">-unsicherem-HTTP-den-Garaus-10328030.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://social.heise.de/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> <a href="https://social.heise.de/tags/https" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>https</span></a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
Michael Horowitz<p>Should you ever run across an article that says you don't need a VPN because most every website use HTTPS, be aware that you can not see the encryption, or the lack of it, in mobile apps. Thus, things like this happen - Apple did not bother to upgrade their own software from HTTP to HTTPS. </p><p> <a href="https://9to5mac.com/2025/03/18/apples-passwords-app-was-vulnerable-to-phishing-attacks-for-nearly-three-months-after-launch/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">9to5mac.com/2025/03/18/apples-</span><span class="invisible">passwords-app-was-vulnerable-to-phishing-attacks-for-nearly-three-months-after-launch/</span></a><br>Apple’s Passwords app was vulnerable to phishing attacks for nearly three months after launch <br><a href="https://mastodon.world/tags/vpn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vpn</span></a> <a href="https://mastodon.world/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> <a href="https://mastodon.world/tags/https" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>https</span></a> <a href="https://mastodon.world/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encryption</span></a></p>
Blender Dumbass ( J.Y.Amihud )<p>From: blenderdumbass . org</p><p>The multiplayer, or the lack there of, at the moment is so utterly broken and so lacking of being properly made that for a long time, I was just not bothering with it. Seeing it as something unnecessary. Something that does not need to be touched, because other things, like the...</p><p>Read or listen: <a href="https://blenderdumbass.org/articles/a_rant_about_making_a_multiplayer_game" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blenderdumbass.org/articles/a_</span><span class="invisible">rant_about_making_a_multiplayer_game</span></a></p><p><a href="https://mastodon.online/tags/Gamedev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gamedev</span></a> <a href="https://mastodon.online/tags/DanisRace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DanisRace</span></a> <a href="https://mastodon.online/tags/Networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Networking</span></a> <a href="https://mastodon.online/tags/Multiplayer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Multiplayer</span></a> <a href="https://mastodon.online/tags/TCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TCP</span></a> <a href="https://mastodon.online/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> <a href="https://mastodon.online/tags/Programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Programming</span></a> <a href="https://mastodon.online/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Python</span></a> <a href="https://mastodon.online/tags/UPBGE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UPBGE</span></a> <a href="https://mastodon.online/tags/Blender3d" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Blender3d</span></a> <a href="https://mastodon.online/tags/GNU" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GNU</span></a> <a href="https://mastodon.online/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> <a href="https://mastodon.online/tags/GamingOnLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GamingOnLinux</span></a> <a href="https://mastodon.online/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FreeSoftware</span></a> <a href="https://mastodon.online/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a></p>
Stéphane Bortzmeyer<p>RFC 9745: The Deprecation HTTP Header Field</p><p>Ce nouveau champ de l'en-tête <a href="https://mastodon.gougere.fr/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> sert à indiquer que la ressource demandée va être (ou a été) abandonnée et qu'il faut penser à migrer. Il sert surtout pour les <a href="https://mastodon.gougere.fr/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> HTTP. </p><p><a href="https://mastodon.gougere.fr/tags/RFC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RFC</span></a> </p><p><a href="https://www.bortzmeyer.org/9745.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">bortzmeyer.org/9745.html</span><span class="invisible"></span></a></p>
Hacker News 50<p>HTTP/3 is everywhere but nowhere</p><p>Link: <a href="https://httptoolkit.com/blog/http3-quic-open-source-support-nowhere/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">httptoolkit.com/blog/http3-qui</span><span class="invisible">c-open-source-support-nowhere/</span></a><br>Discussion: <a href="https://news.ycombinator.com/item?id=43360251" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.ycombinator.com/item?id=4</span><span class="invisible">3360251</span></a></p><p><a href="https://social.lansky.name/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a></p>
iX Magazin<p>iX-Workshop API-Sicherheit: OWASP Top 10 API Security Risks</p><p>Lernen Sie hands-on, wie Sie Schwachstellen in der API-Implementierung vermeiden und Angriffe abwehren.</p><p><a href="https://www.heise.de/news/iX-Workshop-API-Sicherheit-OWASP-Top-10-API-Security-Risks-10305106.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/iX-Workshop-API-</span><span class="invisible">Sicherheit-OWASP-Top-10-API-Security-Risks-10305106.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://social.heise.de/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IdentityManagement</span></a> <a href="https://social.heise.de/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://social.heise.de/tags/iXWorkshops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iXWorkshops</span></a> <a href="https://social.heise.de/tags/OWASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OWASP</span></a> <a href="https://social.heise.de/tags/Schnittstellen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Schnittstellen</span></a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sicherheitslücken</span></a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
Jan Schaumann<p>System Administration</p><p>Week 7, HTTP and CDNs</p><p>After discussing the DNS, we now move on to <a href="https://mstdn.social/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> and HTTPS. While we don't have videos for these sections, hopefully the lecture slides can help you get an idea of what we're covering there. We review the basic HTTP protocol, peek at <a href="https://mstdn.social/tags/QUIC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>QUIC</span></a> and H3, and talk about load balancing and content delivery networks:</p><p><a href="https://stevens.netmeister.org/615/07.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">stevens.netmeister.org/615/07.</span><span class="invisible">pdf</span></a></p><p><a href="https://mstdn.social/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SysAdmin</span></a> <a href="https://mstdn.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevOps</span></a> <a href="https://mstdn.social/tags/SRE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SRE</span></a></p>
LabRAIZ<p>A vueltas con las Redes... </p><p>" De acuerdo con Christine Lemmer-Webber, coautora del protocolo <a href="https://mastodon.social/tags/ActivityPub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ActivityPub</span></a>:</p><p>> <a href="https://mastodon.social/tags/Bluesky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bluesky</span></a> está construido por buenas personas que se preocupan, y está proporcionando algo que la gente quiere y necesita desesperadamente. Si buscas un sustituto de Twitter, hoy puedes encontrarlo en Bluesky.</p><p><a href="https://mastodon.social/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> </p><p>(1/3)</p>
@reiver ⊼ (Charles) :batman:<p>Cool — lots of people have wanted this for a long time —</p><p>A new HTTP method — QUERY</p><p><a href="https://httpwg.org/http-extensions/draft-ietf-httpbis-safe-method-w-body.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">httpwg.org/http-extensions/dra</span><span class="invisible">ft-ietf-httpbis-safe-method-w-body.html</span></a></p><p><a href="https://www.ietf.org/archive/id/draft-ietf-httpbis-safe-method-w-body-02.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ietf.org/archive/id/draft-ietf</span><span class="invisible">-httpbis-safe-method-w-body-02.html</span></a></p><p>Similar to the HTTP GET method, but for searching. (I.e., idempotent, etc.)</p><p>Now, of course — you can create your own custom HTTP method, but — it is nice that QUERY might become common.</p><p><a href="https://mastodon.social/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> <a href="https://mastodon.social/tags/HTTPQuery" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTPQuery</span></a> <a href="https://mastodon.social/tags/HTTPQueryMethod" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTPQueryMethod</span></a> <a href="https://mastodon.social/tags/WorldWideWeb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WorldWideWeb</span></a></p>
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕<p>How browsers REALLY load Web pages</p><p>When browsers load a Web page and its subresources, A LOT happens under the hood. They need to take into account render/parsing blocking resources, use a preload scanner, listen to resource hints (like preload/preconnect), loading modifiers (async/defer/module), fetchpriority, responsive images, and much more. […]</p><p>📺 <a href="https://fosdem.org/2025/schedule/event/fosdem-2025-4852-how-browsers-really-load-web-pages/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">fosdem.org/2025/schedule/event</span><span class="invisible">/fosdem-2025-4852-how-browsers-really-load-web-pages/</span></a></p><p><a href="https://chaos.social/tags/video" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>video</span></a> <a href="https://chaos.social/tags/web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>web</span></a> <a href="https://chaos.social/tags/browser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>browser</span></a> <a href="https://chaos.social/tags/webpage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webpage</span></a> <a href="https://chaos.social/tags/http3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http3</span></a> <a href="https://chaos.social/tags/webdev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webdev</span></a> <a href="https://chaos.social/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> <a href="https://chaos.social/tags/https" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>https</span></a> <a href="https://chaos.social/tags/async" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>async</span></a> <a href="https://chaos.social/tags/http2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http2</span></a> <a href="https://chaos.social/tags/fossdem25" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fossdem25</span></a> <a href="https://chaos.social/tags/foss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>foss</span></a> <a href="https://chaos.social/tags/floss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>floss</span></a> <a href="https://chaos.social/tags/fossdem" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fossdem</span></a></p>
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕<p>HTTP/3 is everywhere but nowhere</p><p>HTTP/3 has been in development since at least 2016, while QUIC (the protocol beneath it) was first introduced by Google way back in 2013. Both are now standardized, supported in 95% of users' browsersopens in a new tab, already used in 32% of HTTP requests to Cloudflareopens in a new tab, and support is advertised by 35% of websitesopens in a new tab (through alt-svc or DNS) in the HTTP Archive dataset</p><p>🌐 <a href="https://httptoolkit.com/blog/http3-quic-open-source-support-nowhere/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">httptoolkit.com/blog/http3-qui</span><span class="invisible">c-open-source-support-nowhere/</span></a></p><p><a href="https://chaos.social/tags/webdev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webdev</span></a> <a href="https://chaos.social/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> <a href="https://chaos.social/tags/http3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http3</span></a> <a href="https://chaos.social/tags/google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>google</span></a> <a href="https://chaos.social/tags/it" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>it</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://mastodon.nl/@maartjeS" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>maartjeS</span></a></span> :</p><p>👍🏻 nee, dat is beslist niet stom! Er zijn maar weinig mensen die hier iets van snappen, en dat is precies het probleem.</p><p>🥸 Ook ervaren idioten zoals ik moeten te vaak diep graven om te zien of een website echt is of nep, en soms blijkt dat onmogelijk (zoals bij sommige webshops).</p><p>🏫 Als we naar het centrum gaan en daar een pand zien waarop "ING" of "HEMA" staat, dan zijn we *GEWEND* dat daar géén oplichtersbende in zit.</p><p>🚔 Ons risico om te worden belazerd is laag, omdat kwaadwillenden niet eenvoudig een pand kunnen huren, zoiets snel aan het licht komt en de pakkans groot is.</p><p>🏧 Maar zou jij geld pinnen uit een Geldmaat bevestigd aan de buitengevel van een pand van de Hells Angels gevestigd tussen een autosloperij en een pallethandel?</p><p>👽 Op internet is de *ENIGE* aanwijzing die we hebben over de identiteit van een website, de domeinnaam die we zien in de adresbalk van de browser. We hebben géén idee meer waar een server staat en wat de nationaliteit van de huurder van de domeinnaam is.</p><p>🆎 On precies te zijn, een in DNS geldige website-domeinnaam is een (potentieel nietszeggende of juist misleidende) reeks karakters hooguit bestaande uit:</p><p>1) kleine letters (a-z);<br>2) cijfers (0-9);<br>3) het minteken;<br>4) de punt als *scheidingsteken*.</p><p>🆔 Een domeinnaam is een *alias* voor een IP-adres, net als "Maartje" in mijn lijst met contacten een alias is voor een telefoonnummer (ik vermoed een ander telefoonnummer achter "mijn" Maartje).</p><p>☎️ Stel Maartje neemt morgen een ander telefoonnummer, en een ander krijgt haar oude nummer. Als ik vervolgens "Maartje" bel, krijg ik een ander aan de lijn (als ik pech heb is dat iemand die m.b.v. AI de stem van Maartje exact imiteert en mij misleidt). Dit is een van de problemen met domeinnamen: soms vallen ze in verkeerde handen (zie <a href="https://security.nl/search?origin=frontpage&keywords=verlopen+domeinnaam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">security.nl/search?origin=fron</span><span class="invisible">tpage&keywords=verlopen+domeinnaam</span></a>).</p><p>🆒 Domeinnamen hebben een bijzondere eigenschap: ze zijn (als alles goed gaat) wereldwijd uniek - in tegenstelling tot "Maartje" of "Erik van Straten".</p><p>📒 DNS is het wereldwijde "telefoonboek" om (onder meer), gegeven een domeinnaam, het huidige IP-adres van de server (waar de website actief op is) op te zoeken. Want computers op internet communiceren met elkaar middels IP-adressen, net zoals mobieltjes daar telefoonnummers voor gebruiken.</p><p>👹 Het probleem blijft dat domeinnamen nietszeggend of bewust misleidend kunnen zijn (enkele "verse" voorbeelden in de screenshot onderaan deze toot).</p><p>🏦 Precies daarom gebruiken de meeste banken EV (Extended Validation) website-certificaten. Het laatste certificaat voor rabobank.nl zie je in <a href="https://crt.sh/?id=16445752040" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">crt.sh/?id=16445752040</span><span class="invisible"></span></a> (merk op dat dit certificaat geldig is voor maar liefst 155 verschillende domeinnamen, die je vindt door in die pagina te zoeken naar DNS: ).</p><p>📄 Een website-certificaat kun je prima vergelijken met een *kopie* van een paspoort. De server stuurt dit ongevraagd naar de browser.</p><p>🤝 Er volgt echter een slimme wiskundige truc: de server *bewijst* aan de browser over het *originele* paspoort te beschikken (feitelijk een "private key"). Een crimineel heeft dus niets aan zo'n kopie.</p><p>🤔 In dat paspoort kunnen minder of meer gegevens staan (V staat voor Validated):</p><p>a) Domain V: alleen de domeinnaam (of meerdere domeinnamen).</p><p>b) Organization V: de domeinnaam/namen plus matig betrouwbare identificerende gegevens van de eigenaar van de website.</p><p>c) Extended V: de domeinnaam/namen plus redelijk betrouwbare identificerende gegevens van de eigenaar van de website.</p><p>d) QWAC (<a href="https://en.wikipedia.org/wiki/Qualified_website_authentication_certificate" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.wikipedia.org/wiki/Qualifie</span><span class="invisible">d_website_authentication_certificate</span></a>): de domeinnaam/namen plus maximaal betrouwbare identificerende gegevens van de eigenaar van de website.</p><p>🕋 Alles valt of staat met de betrouwbaarheid van de *certificaatuitgever* (een gemeenteambtenaar die valse paspoorten aan criminelen verkoopt kan ook desastreus zijn voor het vertrouwen in het systeem, voorbeeld: <a href="https://www.security.nl/posting/800253/Ambtenaar+die+valselijk+paspoorten+opmaakte+veroordeeld+tot+32+maanden+cel" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">security.nl/posting/800253/Amb</span><span class="invisible">tenaar+die+valselijk+paspoorten+opmaakte+veroordeeld+tot+32+maanden+cel</span></a>).</p><p>——————</p><p>🤪 Technisch uitstapje (als je nog zin hebt):</p><p>🌐 DNS snapt niets van IDN's (International Domain Names). Punycode is een truc in browsers om toch met "nep" domeinnamen zoals</p><p><a href="https://münchen.de" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">münchen.de</span><span class="invisible"></span></a><br>en<br><a href="https://βιβλιοχαρτοπωλειον.ελ" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">βιβλιοχαρτοπωλειον.ελ</span><span class="invisible"></span></a> (een Griekse "domeinnaam")</p><p>te kunnen werken. "Onder water" wordt daarvoor Punycode gebruikt, volgens <a href="https://www.charset.org/punycode" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">charset.org/punycode</span><span class="invisible"></span></a> zijn dat resp.</p><p><a href="https://xn--mnchen-3ya.de" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">xn--mnchen-3ya.de</span><span class="invisible"></span></a><br>en<br><a href="https://xn--mxabanrbcmcwrbdkn2c8b1b.xn--qxam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">xn--mxabanrbcmcwrbdkn2c8b1b.xn</span><span class="invisible">--qxam</span></a></p><p>🤬 In certificaten voor IDN's vind je (stom genoeg) uitsluitend de Punycode representatie. Het is allemaal zo gemaakt dat het simpel *lijkt* - maar niet is, en dat is meestal iets waar criminelen van profiteren.</p><p>👹 Ten slotte nog een wijdverbreid fabeltje: "met een certificaat wordt de https:// verbinding versleuteld". Dat is, al vele jaren, pertinente onzin.</p><p>🆔 Een (server- of client-) certificaat wordt uitsluitend gebruikt voor authenticatie (van de server of de client), het leveren van *bewijs* van identiteit.</p><p>🔐 Bij de moderne TLS v1.3 (waar steeds meer servers gebruik van maken voor https://) wordt de verbinding zelfs éérst versleuteld; pas dáárna stuurt de server diens kopie-paspoort (een kopie van het certificaat) naar de browser - over de reeds versleutelde verbinding dus.</p><p>P.S. emojies toegevoegd in een poging om de droogte van het technische geneuzel te beperken 🥱</p><p><span class="h-card" translate="no"><a href="https://mastodon.nl/@ErikSchouten73" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ErikSchouten73</span></a></span> </p><p><a href="https://infosec.exchange/tags/Certificaten" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Certificaten</span></a> <a href="https://infosec.exchange/tags/DV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DV</span></a> <a href="https://infosec.exchange/tags/DVCerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DVCerts</span></a> <a href="https://infosec.exchange/tags/OV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OV</span></a> <a href="https://infosec.exchange/tags/OVCerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OVCerts</span></a> <a href="https://infosec.exchange/tags/EV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EV</span></a> <a href="https://infosec.exchange/tags/EVCerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EVCerts</span></a> <a href="https://infosec.exchange/tags/QWAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>QWAC</span></a> <a href="https://infosec.exchange/tags/QWACs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>QWACs</span></a> <a href="https://infosec.exchange/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> <a href="https://infosec.exchange/tags/https" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>https</span></a> <a href="https://infosec.exchange/tags/httpVShttps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpVShttps</span></a> <a href="https://infosec.exchange/tags/httpsVShttp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpsVShttp</span></a> <a href="https://infosec.exchange/tags/Authenticatie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authenticatie</span></a> <a href="https://infosec.exchange/tags/Impersonatie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonatie</span></a> <a href="https://infosec.exchange/tags/Fake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fake</span></a> <a href="https://infosec.exchange/tags/Nep" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nep</span></a> <a href="https://infosec.exchange/tags/NepSites" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NepSites</span></a> <a href="https://infosec.exchange/tags/Domeinnamen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Domeinnamen</span></a> <a href="https://infosec.exchange/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Hetty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hetty</span></a>: <a href="https://mastodon.thenewoil.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.thenewoil.org/tags/HTTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HTTP</span></a> toolkit for security research</p><p><a href="https://www.helpnetsecurity.com/2025/03/10/hetty-open-source-http-toolkit-security-research/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/03/10</span><span class="invisible">/hetty-open-source-http-toolkit-security-research/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/PenTesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PenTesting</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload