Demi Marie Obenour
Demi Marie Obenour
Current thought: - `htx_add_header` now returns an enum with entries `HTX_OK` (okay), `HTX_NOMEM` (memory allocation failed or size limit exceeded), and `HTX_BAD` (invalid characters in name or value, or leading...
When this is implemented, I recommend refusing to forward requests with invalid characters in field values over HTTP/3, due to . I highly doubt that the legacy clients that send...
This causes HAProxy to send malformed HTTP/2 requests downstream, which are (rightly) rejected by Varnish, causing a Bad Gateway message to be sent to the client.
For HTTP/3, this is somewhat more severe, because the popular nghttp3 library (used by libcurl) [silently discards invalid fields with invalid values](https://github.com/ngtcp2/nghttp3/discussions/346#discussioncomment-12634551), so sending malformed replies causes HAProxy and clients...
Qubes OS isn’t willing to settle for being as secure as a web browser with WebGL and WebGPU enabled. Therefore, Qubes OS will be using native contexts, which already are...
Duplicate of #8552
One question here is the amount of control a module will have over the modules it creates. For instance, module X might want to be able to read and write...
> > In many cases, there is no practical way to provide the offer of source code that the AGPL requires, so the AGPL becomes a nonfree “redistributable, no modification...
> gotk4 has no networking on its own; it is on the user's duty to provide this information when they're using it over the network. I’m saying that that is...
> Been thinking about this on and off. While ideally a signature is something you can verify without parsing the signed contents first, we'll always need to parse the signature...