An Introduction to Web Security
Kevin Hernández
@kevinah95
·
Kevin Hernández
Programming Artist
@kevinah95
What is Web Security?
What is HTTP?
The HTTP authentication framework does not define a single mechanism for maintaining the confidentiality of credentials; instead, each authentication scheme defines how the credentials are encoded prior to transmission.
Hypertext Transfer Protocol (HTTP/1.1): Authentication — RFC7235
What is HTTPS and Why Is It Important?
HTTPS protects the integrity of your website
HTTPS protects the privacy and security of your users
HTTPS is the future of the web
HTTP/2
All requests are downloaded in parallel, not in a queue
HTTP headers are compressed
Pages transfer as a binary, not as a text file, which is more efficient
Servers can “push” data even without the user’s request, which improves speed for users with high latency
The Magic Behind HTTPS
— by Sebastián Peyrott (OAuth Blog)