🫖 During our outage this morning, people attempting to connect with Flipboard.Social found that we were declaring ourselves to be a teapot. Here's the origin of the unusual internet error message. Tell us, were you familiar with it?
Privacy matters! But what if the tools meant to protect us are being misused? Our latest study (to appear ARES '24) reveals surprising facts about HTTP Client Hints (HTTP CHs) on the Web. [THREAD]
I try to constantly to deepen my knowledge of #HTTP and #REST. Recently, I stumbled upon the list of all registered HTTP Headers. This post is dedicated to the #Vary HTTP Header.
Join us on the #Podcast for a meaty conversation about the various levels of specifications and conventions which make the World-Wide Web go: from TCP/IP to HTTP to WebSockets and beyond.
We also talk about conventions in various languages & frameworks to enable building web applications servers in a straightforward and portable manner, as well as building a personal knowledge base wiki out of Markdown files and an SSG (Static-Site Generator). Let’s fly!
It seems like #tiktok uses #HTTP to distribute its videos. What type of heavy lift might it be to create a #fediverse alternative in the wake of the #tiktokban? Asking for my friends. Please RT.
Part 6 of "A Guide to Implementing ActivityPub in a Static Site (or Any Website)" is now out.
Sorry about the delay, this is the part that not many people will like, I assume. I try to explain how to implement the inbox, which by nature is dynamic non-static.
wenn ich auf einer seite die kein #HTTPS hat, keine daten eingebe und mich nicht anmelde etc. also nur rumscrolle und klicke gibt es keine erhöteres sicherheit-/Privatsphärerisiko oder?
sollte es nicht zu empfhelen sein, gibt es eine methode es trotzdem sicher/anonym zu machen?
weil es gibt immer wieder #webseiten mit lediglich #http die ich sehr gerne anschauen würde..
Simple, so don't forget that about the 403 Forbidden HTTP status code desire
From RFC 9110 about HTTP and 403
'An origin server that wishes to "hide" the current existence of a forbidden target resource MAY instead respond with a status code of 404 (Not Found).'
"JSON Patch is a format for describing changes to a #JSON document. It can be used to avoid sending a whole document when only a part has changed. When used in combination with the #HTTP PATCH method, it allows partial updates for HTTP #APIs in a standards compliant way."
🆕 blog! “I made a mistake in verifying HTTP Message Signatures”
It's never great to find out you're wrong, but that's how learning and personal growth happens. HTTP Message Signatures are hard1. There are lots of complex parts and getting any aspect wrong means certain death2. In a previous post, I wrote A simple(ish) guide to verifying …
#HTTP content negotiation has some unwritten rules for images. Accept: image/png, */* technically allows image/avif, but that’s not a wise interpretation.
Except what a caching proxy is supposed to do when the origin only sends AVIF?
New PC who this! Gave the @reactphp#HTTP Hello World a quick benchmark, clocks in at nearly 70K requests per second with 100 concurrent keep alive connections on a single #PHP process: