Prova Storytel gratis i 30 dagar Ett universum fyllt av ljudböcker, klicka här för att komma igång

How HTTP Compression Leaks Sessions and JWT - CRIME Explained and how HPACK in HTTP/2 fixes this

In this video we will explore one of the most popular side attacks CRIME Compression Ratio Info-leak Made Easy) and the different ways to mitigate this. Intro 0:00 * HTTP/1.1 SPDY header compression 4:00* TLS compression * Response body attackers can’t inject 13:00 * Mitigations 14:10 * HPACK/QPACK * TLS Padding

Om Podcasten

Welcome to the Backend Engineering Show podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. I discuss all sorts of software engineering technologies and news with specific focus on the backend. All opinions are my own. Most of my content in the podcast is an audio version of videos I post on my youtube channel here http://www.youtube.com/c/HusseinNasser-software-engineering Buy me a coffee https://www.buymeacoffee.com/hnasr 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses