THREAT OPS › Threat News › HTTP/1.1 must die: the desync endgame
HTTP/1.1 must die: the desync endgame
Abstract Upstream HTTP/1.1 is inherently insecure and regularly exposes millions of websites to hostile takeover. Six years of attempted mitigations have hidden the issue, but failed to fix it. This p
Original source: https://portswigger.net/research/http1-must-die