https://blog.qife122.com/tags/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8%E5%8D%8F%E8%AE%AE/ Recent content in 网络安全协议 on 办公AI智能小助手 Hugo zh-cn qife Mon, 29 Sep 2025 00:01:14 +0800 https://blog.qife122.com/p/http/1.1%E5%BF%85%E9%A1%BB%E6%B7%98%E6%B1%B0%E8%BF%99%E5%AF%B9%E5%BA%94%E7%94%A8%E5%AE%89%E5%85%A8%E9%A2%86%E5%AF%BC%E5%B1%82%E6%84%8F%E5%91%B3%E7%9D%80%E4%BB%80%E4%B9%88/ Mon, 29 Sep 2025 00:01:14 +0800 https://blog.qife122.com/p/http/1.1%E5%BF%85%E9%A1%BB%E6%B7%98%E6%B1%B0%E8%BF%99%E5%AF%B9%E5%BA%94%E7%94%A8%E5%AE%89%E5%85%A8%E9%A2%86%E5%AF%BC%E5%B1%82%E6%84%8F%E5%91%B3%E7%9D%80%E4%BB%80%E4%B9%88/ <p>在Black Hat USA和DEFCON 2025大会上，PortSwigger研究总监James Kettle发出了严厉警告：请求走私攻击并未消失，而是在不断演变和蔓延。尽管经过多年的防御努力，Kettle公布的新研究证明，HTTP请求走私（或称&quot;desync&quot;攻击）仍然是一种系统性的协议级威胁，已危及全球数千万个本应安全无虞的网站。</p>