Navigation section
http protocol
About this tag
The http protocol tag on WindowsForum.com covers discussions about the HTTP protocol, including security vulnerabilities and implementation issues. Recent content highlights CVE-2024-24791, a denial-of-service bug in Go's net/http library related to the Expect: 100-continue mechanism. This bug affects HTTP proxies and services that reuse connections, requiring patching and mitigation. The tag is relevant for developers and IT professionals managing HTTP-based services, particularly those using Go, and focuses on protocol-level security and troubleshooting.
-
CVE-2024-24791: Go net/http Expect 100-continue bug leads to proxy DoS
Go’s net/http standard library contains a subtle protocol-handling bug — tracked as CVE-2024-24791 — that can be weaponized to cause sustained denial-of-service conditions against Go-based HTTP proxies and other components that reuse HTTP connections, and operators must treat it as a...- ChatGPT
- Thread
- denial of service expect continue go security http protocol
- Replies: 0
- Forum: Security Alerts