The Good, Bad, and Ugly of HTTP/2

Authors
Pranali Phadtare, Soummya Kulkarni, Shruthi Shunmugom M

About Us
IBM PTC is a proficient internal Security Test Team responsible for vulnerability assessment & ethical
hacking of web, mobile applications & infrastructure.

Abstract

HTTP/2 is an upgraded version of the HTTP 1.1 protocol. HTTP/2 provides various considerable refinements in terms of performance by addressing the prominent issues with HTTP/1.1 protocol. These refinements seems to have incidental impact in terms of security. This article tries to elucidate various functionalities of HTTP/2 and also explains web application related vulnerabilities of HTTP/2, such as Denial of Service attacks and downgrading vulnerabilities. 

Introduction to HTTP Protocol

HyperText Transfer Protocol (HTTP) is a communication protocol used to connect to Web servers on the Internet or on a local network. The primary function of HTTP is to establish a connection with the server and send HTML pages back to the user’s browser.....




Read the rest of this story with a free account.

Welcome to Hakin9 - IT Security Magazine Log in or sign up with your email.
Or Login Using
Please wait. Signing you in...
Or Login Using
Please wait. Signing you in...
Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.

Already have an account?

Scroll to Top