IEEE

Request Smuggling Via HTTP/2 Cleartext in the Wild: Empirical Testing with Differential Fuzzing

Abstract: The Request Smuggling Via HTTP/2 Cleartext (H2C Smuggling) attacks exploit vulnerabilities in the handling of HTTP request headers by proxy servers, allowing attackers to bypass security ...
GitHub

Support forwarding HTTP request headers from pyroscope.receive_http to pyroscope.write

In multi-tenant Pyroscope setups, it would be very useful if pyroscope.receive_http could forward incoming HTTP headers (e.g., X-Scope-OrgID) along with the profile data to downstream components such ...