-
This ticket is to improve Side Channel Attack protection based on HTTP response throttling based on the early implementation that has been done at #857 .
##
Want to back this issue? **[Post a bounty…
-
in my testing, dodging doesn't seem to give any iframes and ive never been able to dodge straight through arrows or zombie attacks no matter how narrowly i time it or how much i change it in the confi…
-
TLDR: There exist a financial incentive for the execution payload to be proposed later than the anticipated time window for it. We worry that this might lead to favoring larger validators, encourage a…
-
From #1317: When client downloads files it does not always need them written into an actual file, often it just wants the content: providing API the returns just bytes would be fine. We should still c…
-
This is a followup to:
https://groups.google.com/a/chromium.org/d/msgid/progressive-web-metrics/CAHTsfZD1zJp6unenAyu%2BKoDJLAfKG41Mm2mmbT9gUKzoMvnxWQ%40mail.gmail.com
At Facebook when we measur…
-
Hello, in the privacy and security section, site settings, I noticed that there is no native ad blocker integrated in Chromium, this ad blocker integrated in Chromium blocks heavy ads and malicious cr…
-
You should use openssl_encrypt() and openssl_decrypt(). The underlying library (libmcrypt) has been abandoned since 2007, and performs far worse than OpenSSL (which leverages AES-NI on modern processo…
-
Now with more and more organisations using MISP the number of accounts (per instance) is increasing, so managing the accounts is taking more and more time. One thing that is a regular issue is passwor…
-
Right now, Ratchet always includes an `X-Powered-By` HTTP response header exposing the specific Ratchet version. This could potentially be used during reconnaissance to gain more information to prepar…
-
_(discussed at TPAC 2016; rough notes and summary of discussed ideas below)_
Read [Hero Element Timing API](https://docs.google.com/document/d/1yRYfYR1DnHtgwC4HRR04ipVVhT1h5gkI6yPmKCgJkyQ/edit) doc f…