Agreed. It's not just AWS, however. Azure, Cloudflare, and other WAF providers have a similar trade-off.
Hi, article author here. Cloud Armor will drop requests without regard to the size of the request body for HTTP PUT or PATCH request (i.e., the payload won't have to padded with 8192 bytes, like in the case of POST…
If you omit the Content-Length header from an HTTP request, the server will not process the request body. See: https://reqbin.com/Article/ContentLength "If the value of the Content-Length header is zero, or if neither…
I like the Raspberry Pi, but I would much rather prefer a NUC (or another small Desktop with a non-ARM processor) for a home setup.
> “The United States is good at protecting the government, OK at protecting corporations, but does not protect individuals.” > [Dave Aitel] points out that many of the targeted security researchers likely had…
Agreed. It's not just AWS, however. Azure, Cloudflare, and other WAF providers have a similar trade-off.
Hi, article author here. Cloud Armor will drop requests without regard to the size of the request body for HTTP PUT or PATCH request (i.e., the payload won't have to padded with 8192 bytes, like in the case of POST…
If you omit the Content-Length header from an HTTP request, the server will not process the request body. See: https://reqbin.com/Article/ContentLength "If the value of the Content-Length header is zero, or if neither…
I like the Raspberry Pi, but I would much rather prefer a NUC (or another small Desktop with a non-ARM processor) for a home setup.
> “The United States is good at protecting the government, OK at protecting corporations, but does not protect individuals.” > [Dave Aitel] points out that many of the targeted security researchers likely had…