mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

#http

19 posts · 17 participants · 3 posts today

Anyone else using Compression Dictionary Transport to compress response bodies with a site-specific dictionary?
The first time you visit astray.com/recipes/ in Chrome, the response body is compressed with Brotli and takes 2,186 bytes. In the background the browser downloads a 400 byte dictionary.
The next time you visit astray.com/recipes/ the body is compressed with Brotli (using the shared dictionary) and takes only 1,799 bytes.
The savings add up with each request.
#webperf #http

www.astray.com: Astray Recipes. Search 187,847 recipes. You can search by recipe title or by ingredient. For example: 'pavlova', 'pasta tomato zucchini', or 'pasta AND tomato OR zucchini'

An interesting data point in the HTTP/0.9 and HTTP/1.0 switch-off that is happening. (The #httpd in #djbwares version 10 defaults to not supporting 0.9 and 1.0 unless explicitly switched on. But I am not alone.)

url.town/ is a WWW site with a 1990s WWW directory style.

You won't be able to (directly, without a protocol-upgrading HTTP proxy) use an actual 1990s WWW browser with it, though.

It doesn't speak HTTP 0.9, and it redirects HTTP 1.0 and 1.1 to HTTPS with modern ciphers that 1990s systems will not have.

There were people mooting switching off 0.9 and 1.0 in their servers at least as long ago as 2015.

It's actually happening. But because 0.9 and 1.0 are nowadays nearly 0% of all traffic (according to measurements taken in 2021), few people have noticed.

Except the people who spin up actual pre-HTTP/1.1 WWW browsers and try to use them.

IBM WebExplorer for OS/2 was released in 1994, for example.

OK #http experts, I have a question about the `Cache-Control` header - is `max-age` directive effectively of no use if `no-cache` is provided?

(1/3)

From: blenderdumbass . org

The multiplayer, or the lack thereof, at the moment is so utterly broken and so lacking of being properly made that for a long time, I was just not bothering with it. Seeing it as something unnecessary. Something that does not need to be touched, because other things, like the...

Read or listen: blenderdumbass.org/articles/a_

blenderdumbass . org: A Rant About Making a Multiplayer Game

Simple minification of JSON request/response bodies with Kotlin Serialization

Hi! Recently, as part of one of our projects on the KMP, Ktor and Kotlin Serialization stack, my team and I decided to run an experiment to determine whether minifying JSON request/response bodies was feasible and worthwhile. Yes, we know about GraphQL, Protobuf and others, but in our case there was an unbridled urge to cobble together a homemade solution like this. And for all its naivety, we managed to reduce the average size of the resulting JSONs (after all internal optimizations) by 15-20%.

habr.com/ru/articles/933474/


Background information:

The "World Wide Web" (literally "worldwide network"; Web or WWW for short) is a system of electronic hypertext documents, so-called web pages, accessible via the #Internet and described with #HTML. They are linked to one another by hyperlinks and are transferred over the Internet using the #HTTP (or #HTTPS) protocol. The web pages mostly contain text, often illustrated with images and graphical elements. Videos, audio documents or pieces of music are frequently embedded as well.

Colloquially, the "World Wide Web" is often equated with the Internet; however, it is younger and represents only one of several possible uses of the Internet. Other Internet services such as e-mail, instant messaging or SSH are not integrated into the "World Wide Web".

The Web originated in 1989 as a project at the CERN research facility, located near Geneva on Swiss and French territory, where Tim Berners-Lee built a hypertext system. He first presented the idea for it at the research facility on 12 March 1989. The concept was co-designed by the Belgian Robert Cailliau.

https://de.wikipedia.org/wiki/World_Wide_Web?useskin=vector

arXiv.org: Not Here, Go There: Analyzing Redirection Patterns on the Web

URI redirections are integral to web management, supporting structural changes, SEO optimization, and security. However, their complexities affect usability, SEO performance, and digital preservation. This study analyzed 11 million unique redirecting URIs, following redirections up to 10 hops per URI, to uncover patterns and implications of redirection practices. Our findings revealed that 50% of the URIs terminated successfully, while 50% resulted in errors, including 0.06% exceeding 10 hops. Canonical redirects, such as HTTP to HTTPS transitions, were prevalent, reflecting adherence to SEO best practices. Non-canonical redirects, often involving domain or path changes, highlighted significant web migrations, rebranding, and security risks. Notable patterns included "sink" URIs, where multiple redirects converged, ranging from traffic consolidation by global websites to deliberate "Rickrolling." The study also identified 62,000 custom 404 URIs, almost half being soft 404s, which could compromise SEO and user experience. These findings underscore the critical role of URI redirects in shaping the web while exposing challenges such as outdated URIs, server instability, and improper error handling. This research offers a detailed analysis of URI redirection practices, providing insights into their prevalence, types, and outcomes. By examining a large dataset, we highlight inefficiencies in redirection chains and examine patterns such as the use of "sink" URIs and custom error pages. This information can help webmasters, researchers, and digital archivists improve web usability, optimize resource allocation, and safeguard valuable online content.
#HTTP #AI #Censorship

Exploring Storm-2603's Previous Ransomware Operations

A focused analysis of Storm-2603, a threat actor linked to recent ToolShell exploitations alongside other Chinese APT groups, reveals their use of a custom malware C2 framework called 'ak47c2'. This framework includes HTTP and DNS-based clients. The group likely targeted organizations in Latin America and APAC in early 2025, employing tactics similar to other ransomware groups. They utilize open-source tools and a custom tool leveraging BYOVD technique to disable endpoint protections. Storm-2603 attacks involve multiple ransomware families, often deployed together through DLL hijacking. The analysis uncovers their use of LockBit Black and Warlock ransomware, as well as a custom Antivirus Terminator tool abusing a legitimate driver to kill processes.

Pulse ID: 688cb3406bad6853be31041c
Pulse Link: otx.alienvault.com/pulse/688cb
Pulse Author: AlienVault
Created: 2025-08-01 12:29:52

Be advised, this data is unverified and should be considered preliminary. Always do further verification.


Remember when I published the metalhead.club anthem on music.metalhead.club, some users couldn't access the page and got an error message?

Until a week ago, I couldn't explain the error.

Now I can! You can read about where the error comes from and what my fix looks like on my blog:

“Nginx HTTP/3 proxy server displays content from the wrong virtual host” - thomas-leister.de/en/nginx-htt

#nginx #quic #http

Do you remember? When I published the metalhead.club anthem on music.metalhead.club, a few users couldn't open the page and got an error.

Until a week ago, I couldn't explain the error.

Now I can! You can read about where the error comes from and what my fix looks like on my blog:

"Nginx HTTP/3 proxy server displays content from the wrong virtual host" - thomas-leister.de/nginx-http3-

#server #nginx #http3

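🌘 A cybersecurity discussion of "Polarizing Parsers"
➤ Cybersecurity countdown: dissecting the hidden threat of request smuggling
flak.tedunangst.com/post/polar
This article discusses the recently discovered "polarizing parsers" security vulnerability, which can lead to request smuggling attacks. Using his own proxy server written in Go as an example, the author explains how its design prevents such attacks, stressing that consistency in request parsing is key. The author also questions the responsibility of CDN vendors such as Akamai for forwarding invalid requests, and expresses concern about the countdown on the security threat.
+ So the key to this kind of attack is the consistency of request parsers; Go's design seems to do well in this respect.
+ I think the author's challenge to Akamai is spot on; CDN vendors should also take responsibility for the requests they forward, rather than just blaming the protocol.
#CyberSecurity #HTTP #ProxyServer #RequestSmuggling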

flak.tedunangst.com: polarizing parsers