新栏目,尽量每天发点 #今天看了啥 ,以使频道名副其实——是 Note。
http encoding:
https://httptoolkit.com/blog/http-encodings/ (blog, en)
> 离谱,竟然会有服务端的 content-encoding 返回 amz-1.0, json, utf-8, text, binary 之类的内容。
html encoding:
https://encoding.spec.whatwg.org (spec, en)
→ https://html.spec.whatwg.org/multipage/parsing.html#determining-the-character-encoding (spec, en)
→ https://html.spec.whatwg.org/multipage/semantics.html#attr-meta-charset (spec, en)
https://en.wikipedia.org/wiki/Windows-1252 (wiki, en)
> websites declared ISO 8859-1 which is treated as Windows-1252 by all modern browsers (as required by the HTML5 standard)
→ https://w3techs.com/technologies/overview/character_encoding (各 html 编码的使用率,也有分语言的统计)
https://www.xiaogd.net/md/web-page-encoding-and-mojibake-1 (blog, zh)
repo:
https://github.com/edsrzf/mmap-go
https://github.com/long2ice/meilisync
有意思的代码:
https://cs.opensource.google/go/go/+/refs/tags/go1.24.2:src/unicode/utf8/utf8.go;drc=3d33437c450aa74014ea1d41cd986b6ee6266984;l=444
http encoding:
https://httptoolkit.com/blog/http-encodings/ (blog, en)
> 离谱,竟然会有服务端的 content-encoding 返回 amz-1.0, json, utf-8, text, binary 之类的内容。
html encoding:
https://encoding.spec.whatwg.org (spec, en)
→ https://html.spec.whatwg.org/multipage/parsing.html#determining-the-character-encoding (spec, en)
→ https://html.spec.whatwg.org/multipage/semantics.html#attr-meta-charset (spec, en)
https://en.wikipedia.org/wiki/Windows-1252 (wiki, en)
> websites declared ISO 8859-1 which is treated as Windows-1252 by all modern browsers (as required by the HTML5 standard)
→ https://w3techs.com/technologies/overview/character_encoding (各 html 编码的使用率,也有分语言的统计)
https://www.xiaogd.net/md/web-page-encoding-and-mojibake-1 (blog, zh)
repo:
https://github.com/edsrzf/mmap-go
https://github.com/long2ice/meilisync
有意思的代码:
https://cs.opensource.google/go/go/+/refs/tags/go1.24.2:src/unicode/utf8/utf8.go;drc=3d33437c450aa74014ea1d41cd986b6ee6266984;l=444
Httptoolkit
Encoding your HTTP for fun and profit
HTTP content encoding is an incredibly powerful tool that can save you huge amounts of bandwidth and make your web or mobile application faster, basically for...
https://http1mustdie.com #今天看了啥
tldr:
- http1 实现各异,难以区分消息的边界,易请求走私。
- proxy 与后端间应当使用 h2。
- 客户端与 proxy 间使用 h1 仍是安全的。
tldr:
- http1 实现各异,难以区分消息的边界,易请求走私。
- proxy 与后端间应当使用 h2。
- 客户端与 proxy 间使用 h1 仍是安全的。
Http1Mustdie
HTTP/1.1 Must Die
Upstream HTTP/1.1 is inherently insecure, and routinely exposes millions of websites to hostile takeover. Join the mission to kill HTTP/1.1 now
🤔4