CRIME-Vulnerability/EN/Solution Tips: Unterschied zwischen den Versionen

Aktuelle Version vom 11. Juni 2019, 12:27 Uhr

CRIME can be prevented by disabling the use of compression of data in TLS. Disable TLS Compression on your server.

Version vom 3. April 2019, 16:04 Uhr (Quelltext anzeigen) Siwebot (Diskussion \| Beiträge) ← Zum vorherigen Versionsunterschied		Aktuelle Version vom 11. Juni 2019, 12:27 Uhr (Quelltext anzeigen) Siwebot (Diskussion \| Beiträge)
Zeile 1:		Zeile 1:
−	~~Crime vulnerability~~ can be ~~defeated~~ by ~~preventing~~ the use of compression~~. Either on the client side, if the browser disables the compression of SPDY requests, or if the web page prevents the use~~ of data ~~compression for such transactions using the protocol negotiation characteristics of the [https://en.wikipedia.org/wiki/Transport_Layer_Security~~ TLS~~] protocol~~. ~~Deactivate~~ TLS ~~compression~~ on your server.	+	CRIME can be prevented by disabling the use of compression of data in TLS. Disable TLS Compression on your server.