CRIME-Vulnerability/EN/Solution Tips: Unterschied zwischen den Versionen
Zeile 1: | Zeile 1: | ||
− | + | Crime vulnerability can be defeated by preventing the use of compression. Either on the client side, if the browser disables the compression of SPDY requests, or if the web page prevents the use of data compression for such transactions using the protocol negotiation characteristics of the [https://en.wikipedia.org/wiki/Transport_Layer_Security TLS] protocol. Deactivate TLS compression on your server. |
Version vom 3. April 2019, 16:04 Uhr
Crime vulnerability can be defeated by preventing the use of compression. Either on the client side, if the browser disables the compression of SPDY requests, or if the web page prevents the use of data compression for such transactions using the protocol negotiation characteristics of the TLS protocol. Deactivate TLS compression on your server.