Welcome! Log In Create A New Profile


simple BREACH workaround for gzip

April 15, 2014 07:51AM
has anyone considered this simple workaround for BREACH and gzip-compression, i.e. randomly interspersed flush()-es during compression?
It would be compatible with all clients, and should be fairly easy to implement in nginx (for nginx hackers).
Of course, it doesn't prevent BREACH attacks, but it makes them much harder.

PS: yes, I'm aware that BREACH should also be prevented in the app-layer,
Subject Author Posted

simple BREACH workaround for gzip

entropie April 15, 2014 07:51AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 63
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready