Tag Archives: http

Command Line 的 HTTP 操作工具

忘記在哪邊翻到的:「HTTP Tools Roundup」,裡面有提到一些 Command Line 下操作 HTTP 內容的工具。 其中一個是 HTTPie,這個有時後會拿來用,不過大多數的時候還是習慣用 curl 了 (因為 curl 幾乎都會裝,HTTPie 要另外裝): 另外一個是 http-console,這是第一次看到... 用過後覺得還不錯,應該會記起來用一陣子看看 XD gslin@home [~] [17:24/W5] http-console --ssl https://emma.pixnet.cc:443/ > http-console 0.6.4 > Welcome, enter .help if you're lost. > Connecting to emma.pixnet.cc … Continue reading

Posted in Computer, Murmuring, Network, Software, WWW|Tagged , , , , |1 Comment

HTTP Archive 研究挖礦網頁的現狀

HTTP Archive 出來研究這個主題感覺就很適合:「The Performance Impact of Cryptocurrency Mining on the Web」。 不過作者是用 script name 去分析,應該還是會有一些漏網,不過可以看出一些數據了...

Posted in Computer, Financial, Murmuring, Network, Software, WWW|Tagged , , , , , , |Leave a comment

curl 將支援 Brotli 壓縮

在 Twitter 上看到有人提到 curl 支援 Brotli 了:「HTTP: implement Brotli content encoding」。 Brotli 對文字系列的資料比較有幫助 (像是 html): Unlike most general purpose compression algorithms, Brotli uses a pre-defined 120 kilobyte dictionary, in addition to the dynamically populated ("sliding window") dictionary. The pre-defined dictionary … Continue reading

Posted in Computer, Library, Murmuring, Network, Programming, Software, WWW|Tagged , , , , , |Leave a comment

HTTP/2 時代的 API 設計

在「Let’s Stop Building APIs Around a Network Hack」這邊提到了以前為了解決 HTTP/1.1 的問題而發展出來的 workaround,在 2015 年發展出來的 HTTP/2 從底層直接解了不少問題,加上很快被許多瀏覽器支援 (就算不支援 HTTP/2 也只是降到 HTTP/1.1 跑,比較慢而已): Guess what else was released in May 2015? RFC 7540, otherwise known as HTTP/2. In retrospect this seems highly poetic, … Continue reading

Posted in Computer, Murmuring, Network, Programming, Service, Telephone, WWW|Tagged , , , , , , , , , , , , |Leave a comment

Let's Encrypt 的 Embed SCT 支援

翻到 Let's Encrypt 的 Upcoming Features 時看到: Embed SCT receipts in certificates ETA: February, 2018 對 Embed SCT 不熟,所以查了查這個功能。 這指的是在簽發 SSL certficiate 後,把資料丟給 Certificate Transparency (CT) 伺服器後,伺服器會提供 signed certificate timestamp (SCT);而這個資料放到 SSL certificate 內叫做 Embed SCT:(出自 CT 的 FAQ) What … Continue reading

Posted in Browser, Computer, DNS, GoogleChrome, Murmuring, Network, Privacy, Security, Service, Software, WWW|Tagged , , , , , , , , , , , , , , , , , , , |Leave a comment

Chromium 內提案移除 HPKP (HTTP Public Key Pinning)

Twitter 上看到這則 tweet,提到要移除 HPKP (HTTP Public Key Pinning): Intent To Deprecate And Remove: Public Key Pinning (in Chromium) https://t.co/agS3fll7eR — Adam Langley (@agl__) October 27, 2017 blink-dev 上的討論可以參考「Intent To Deprecate And Remove: Public Key Pinning」(就是上面那個連結,只是拉出來)。 這個提案大概可以推敲出理由... 目前的作法必須寫進瀏覽器內,這樣明顯會有 scale 問題,而且這個作法本身就很 workaround,只能保護所謂「高價值」的 … Continue reading

Posted in Browser, Computer, DNS, GoogleChrome, Network, Security, Software, WWW|Tagged , , , , , , , , , , , , , , , , , , , |2 Comments

Google 打算更廣泛的預設使用 HSTS

Google 宣佈了更廣泛開啟 HSTS 的計畫:「Broadening HSTS to secure more of the Web」。 然後先提到 .foo 與 .dev 的「Google Chrome 將 .dev 設為 HSTS Preload 名單」這件事情: In 2015 we created the first secure TLD when we added .google to the HSTS preload list, … Continue reading

Posted in Browser, Computer, DNS, GoogleChrome, Murmuring, Network, Privacy, Security, Software, WWW|Tagged , , , , , , , , , , , |Leave a comment

Apache 的 Optionsbleed

Apache 也出了類似 Heartbleed 的包:「Apache bug leaks contents of server memory for all to see—Patch now」,原文出自「Optionsbleed - HTTP OPTIONS method can leak Apache's server memory」。 這掛上 CVE-2017-9798 了,影響版本包括了: This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. 發生在對 … Continue reading

Posted in Computer, Murmuring, Network, Privacy, Security, Service, Software, WWW|Tagged , , , , , , , , , , |Leave a comment

Mozilla 的提案「HTTP Immutable Responses」

狀態已經是 Category: Standards Track 了,RFC 8246 的「HTTP Immutable Responses」: The immutable HTTP response Cache-Control extension allows servers to identify resources that will not be updated during their freshness lifetime. This ensures that a client never needs to revalidate a cached … Continue reading

Posted in Browser, Computer, Murmuring, Network, Software, WWW|Tagged , , , , , , , , |1 Comment

nginx 的 mirror 功能

在 nginx 1.13.4 出的新功能,ngx_http_mirror_module: The ngx_http_mirror_module module (1.13.4) implements mirroring of an original request by creating background mirror subrequests. Responses to mirror subrequests are ignored. 範例其實就講的還蠻清楚的: location / { mirror /mirror; proxy_pass http://backend; } location /mirror { internal; proxy_pass http://test_backend$request_uri; … Continue reading

Posted in Computer, Murmuring, Network, Service, Software, WWW|Tagged , , , , , , , |Leave a comment