HN Reader

Foundry (YC F24) is hiring staff-level product engineers (ycombinator.com)

1 points by lakabimanil 1d ago 0 comments

GoGoGrandparent (YC S16) Is Hiring Back End and Full-Stack Engineers

1 points by davidchl 2d ago 0 comments

Kyber (YC W23) is hiring enterprise account executives (ycombinator.com)

1 points by asontha 3d ago 0 comments

Converge (YC S23) well-capitalized New York startup seeks product developers (runconverge.com)

1 points by thomashlvt 5d ago 0 comments

Great Question (YC W21) Is Hiring a VP of Engineering (Remote) (ycombinator.com)

1 points by nedwin 6d ago 0 comments

Coverage Cat (YC S22) Is Hiring a Senior, Staff, or Principal Engineer (coveragecat.com)

1 points by botacode 7d ago 0 comments

Kaizen (YC X25) is hiring engineers to build browser agents that work (kaizenautomation.com)

1 points by michaelssilver 8d ago 0 comments

Infracost (YC W21) hiring first PM to shift $600B cloud spend to proactive (ycombinator.com)

1 points by akh 9d ago 0 comments

Sei (YC W22) Is Hiring a Full Stack Engineer in Chennai, India (ycombinator.com)

1 points by ramkumarvenkat 9d ago 0 comments

Artie (YC S23) Is Hiring Founding AEs (ycombinator.com)

1 points by j-cheong 9d ago 0 comments

Cedana (YC S23) Is Hiring a Systems Engineer (ycombinator.com)

1 points by neelm 10d ago 0 comments

CodeCrafters (YC S22) is hiring first Marketing Person (ycombinator.com)

1 points by sarupbanskota 10d ago 0 comments

PAX Markets (YC W25) is hiring a founding principal hardware (RTL) engineer (ycombinator.com)

1 points by etep 10d ago 0 comments

Sendblue (YC S23) is hiring senior engineers (ycombinator.com)

1 points by rhaber 11d ago 0 comments

Thunder Compute (YC S24) Is Hiring a C++ Systems Engineer (ycombinator.com)

1 points by cpeterson42 16d ago 0 comments

Optery (YC W22) Is Hiring in Engineering, Legal, Sales, Marketing (U.S., Latam) (optery.com)

1 points by beyondd 16d ago 0 comments

QuestDB (YC S20) Is Hiring a Technical Content Lead (questdb.com)

1 points by nhourcard 17d ago 0 comments

Depot (YC W23) Is Hiring a Technical Content Writer (Remote) (ycombinator.com)

1 points by jacobwg 17d ago 0 comments

Firebender (YC W24) Is Hiring (ycombinator.com)

1 points by kevo1ution 17d ago 0 comments

Better Auth (YC X25) Is Hiring (ycombinator.com)

1 points by bekacru 17d ago 0 comments

Kapa.ai (YC S23) is hiring a software engineers (EU remote) (ycombinator.com)

1 points by emil_sorensen 18d ago 0 comments

Spice Data (YC S19) Is Hiring a Product Associate (New Grad) (ycombinator.com)

1 points by richard_pepper 18d ago 0 comments

Extend (YC W23) is hiring engineers to build SOTA document processing (jobs.ashbyhq.com)

1 points by kbyatnal 19d ago 0 comments

Piramidal (YC W24) is hiring a full stack engineer (ycombinator.com)

1 points by dsacellarius 21d ago 0 comments

Mango Health (YC W24) Is Hiring (ycombinator.com)

1 points by zachgitt 21d ago 0 comments

Resolve (YC W15) Is Hiring an Operations and Billing Lead for Construction VR

1 points by ugolino91 22d ago 0 comments

Arva AI (YC S24) Is Hiring an AI Research Engineer (London, UK) (arva.ai)

1 points by OliverWales 22d ago 0 comments

Rejoy Health (YC W21) Is Hiring (ycombinator.com)

1 points by rituraj_rhealth 23d ago 0 comments

Weave (YC W25) is hiring an AI engineer (ycombinator.com)

1 points by adchurch 23d ago 0 comments

CoinTracker (YC W18) is hiring to solve crypto taxes and accounting (remote)

1 points by chanfest22 24d ago 0 comments

Crimson (YC X25) is hiring founding engineers in London (ycombinator.com)

1 points by markfeldner 25d ago 0 comments

HTTP/1.1 must die: the desync endgame

16 octagons 2 8/7/2025, 2:12:27 AM portswigger.net ↗

Comments (2)

1vuio0pswjnm7 · 2d ago
"First, HTTP/1.1 is only simple if you're not proxying."

Which is to say, proxy implementations are complex, not HTTP/1.1

"HTTP/2 is not perfect - it's significantly more complex than HTTP/1, and can be painful to implement."

Which is to say, HTTP/2 is complex

Making life easier for (overly) complex proxy software by introducing a more complex protocol

Sounds great

Increasing complexity will surely lead to "a secure web"

JohnMakin · 1d ago
I had heard rumors of this being much worse than I am understanding it. This looks like desync attacks on misconfigured proxies. These misconfigurations are normally assumed benign - which is a problem - but this is nothing all that surprising to me.