IEEE

Request Smuggling Via HTTP/2 Cleartext in the Wild: Empirical Testing with Differential Fuzzing

Abstract: The Request Smuggling Via HTTP/2 Cleartext (H2C Smuggling) attacks exploit vulnerabilities in the handling of HTTP request headers by proxy servers, allowing attackers to bypass security ...
GitHub

abrauner/webtrees_sso_jwt-auth

This module runs as PSR-15 middleware on every HTTP request. It extracts a JWT token from the Authorization header or a cookie, validates the signature and claims, looks up the webtrees user by the ...