HTTP RateLimit Headers
https://dotat.at/@/2026-01-13-http-ratelimit.html
#HackerNews #HTTP #RateLimit #Headers #WebDevelopment #APIs #TechNews
Ayder – HTTP-native durable event log written in C (curl as client)
https://github.com/A1darbek/ayder
#HackerNews #Ayder #HTTP-native #durable #event #log #C #curl #client #technology #open-source
@reiver ⊼ (Charles) :batman:
and 1 other
boosted
The HTTP-protocol is (also) a de facto layer-4 transport-layer-protocol.
It might have been intended to be a layer-7 application-layer-protocol, but — look at how people are using it.
Applications are built on top of the HTTP-protocol somewhat similarly to how people decades ago would have built applications on top of the TCP-protocol.
Even the Fediverse uses the HTTP-protocol in this way — as a layer-4 transport-layer-protocol.
I like the Gemini Protocol, but — I think too many of the other small-net protocols try to mimic Gemini.
One alternative path that small-net & small-web communities could try is —
Make a new version of the HTTP protocol.
One that includes small-net values.
A small-net HTTP (HTTP/1.4 ?) server could be backwards compatible, such that extant web-browsers could see something (even if the experience is better in a small-net web-browser).
Quad9 DOH HTTP/1.1 Retirement, December 15, 2025
https://quad9.net/news/blog/doh-http-1-1-retirement/
#HackerNews #Quad9 #DOH #HTTP/1.1 #Retirement #December #15 #2025 #Cybersecurity #DNS #Privacy #TechNews
Chewie
boosted
@daniel@gultsch.social
#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.
In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.
So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.
I wouldn't call these as "improvements".
These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.
@lorenzo@snac.bobadin.icu
#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.
In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.
So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.
I wouldn't call these as "improvements".
These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.
@lorenzo@snac.bobadin.icu
I started going to IETF meetings. Those events take place 3 times a year, with ~1000 people attending in person and another ~1000 remotely. A good chunk of those are paid to be there and some are employed by big companies like Apple and Google. This is the place where the fundamental fabric of the internet is constantly being improved. TLS 1.3, HTTP/3, MLS to name a few.
With this in mind I have no fucking clue what Moxie was on about when he said interoperable protocols are stuck in the 1990s.
@daniel@gultsch.social
#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.
In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.
So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.
I wouldn't call these as "improvements".
These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.
@lorenzo@snac.bobadin.icu
#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.
In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.
So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.
I wouldn't call these as "improvements".
These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.
@lorenzo@snac.bobadin.icu
Debby ⁂📎🐧:disability_flag:
boosted
Chrome to warn on unencrypted HTTP by default
https://security.googleblog.com/2025/10/https-by-default.html
#HackerNews #Chrome #HTTP #Warning #Security #Browser #Update
Write Node.js code in Rust to achieve massive HTTP throughput
https://www.npmjs.com/package/brahma-firelight
#HackerNews #Nodejs #Rust #HTTP #Throughput #Performance #Optimization
alcinnz
boosted
Some things would be easier if certain public HTTP-based APIs supported a (custom) APPEND HTTP-method.
To let users append to an existing file.
⁂
PUT is inefficient for this use case.
PATCH and POST already exist, but what they support is much more generic than this. It is the same way that you could use POST instead of DELETE, PATCH, and PUT; but it is simpler in some ways if you use a separate method for each pattern.
Some things would be easier if certain public HTTP-based APIs supported a (custom) APPEND HTTP-method.
To let users append to an existing file.
⁂
PUT is inefficient for this use case.
PATCH and POST already exist, but what they support is much more generic than this. It is the same way that you could use POST instead of DELETE, PATCH, and PUT; but it is simpler in some ways if you use a separate method for each pattern.
RE: https://mastodon.social/@reiver/115352274818575263
This probably means that someone should modernize HTTP by creating HTTP/1.4.
The HTTP-protocol is (also) a de facto layer-4 transport-layer-protocol.
It might have been intended to be a layer-7 application-layer-protocol, but — look at how people are using it.
Applications are built on top of the HTTP-protocol somewhat similarly to how people decades ago would have built applications on top of the TCP-protocol.
Even the Fediverse uses the HTTP-protocol in this way — as a layer-4 transport-layer-protocol.
alcinnz
boosted
Google more-or-less created 2 new versions of the HTTP protocol — HTTP/2 and HTTP/3 —
But didn't bother make either of them (officially) support UTF-8 in the HTTP request.
Google more-or-less created 2 new versions of the HTTP protocol — HTTP/2 and HTTP/3 —
But didn't bother make either of them (officially) support UTF-8 in the HTTP request.
Stefano Marinelli
boosted
I’ve been using static-web-server to host a local mirror for my machines, and the experience has been excellent.
It’s incredibly fast, lightweight, and easy to run and perfect for those times when you just want to serve files without the overhead of a full web server like Apache.
To make it even simpler for Slackware users, I wrote the https://slackbuilds.org/repository/15.0/network/static-web-server/?search=static-web-server
#slackware #rust #staticwebserver #http