Coding Fun Node Js Envoy fixes a critical security bug related to HTTP headers with whitespaces

Envoy fixes a critical security bug related to HTTP headers with whitespaces





Google engineer Alyssa Wilk discovers a critical security bug related to whitespaces in header values. Envoy and Node JS fix this by releasing a security patch.

Tags: , , , , , , , , , , ,

3 thoughts on “Envoy fixes a critical security bug related to HTTP headers with whitespaces”

  1. You made a good case for dedicated software & separation of concerns (HA Proxy over Nginx, etc). So now I'm curious what the counterargument is; why the devs of Nginx decided to make a piece of dual-use software, what advantages it has over HAproxy & competitors, etc. I'm sure they had some use case in mind when building it and I'm curious what it was.

  2. Thanks for the information, well laid out. Your videos got me commenting on YouTube

Leave a Reply

Your email address will not be published. Required fields are marked *