IEEE

Request Smuggling Via HTTP/2 Cleartext in the Wild: Empirical Testing with Differential Fuzzing

Abstract: The Request Smuggling Via HTTP/2 Cleartext (H2C Smuggling) attacks exploit vulnerabilities in the handling of HTTP request headers by proxy servers, allowing attackers to bypass security ...
GitHub

Finance Data Processing and Access Control Backend

This project is a full-stack finance dashboard application built with FastAPI (Python) backend and React frontend. It demonstrates proper backend architecture, role-based access control, comprehensive ...
GitHub

JWT Refresh Token Authentication

Most developers implement JWT and assume logout is handled by deleting the token from the browser. It is not. The token is still valid on the server until it expires. If it was stolen before logout, ...