Is it possible to implement something similar but with a protocol that supports ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		cuechan 11 hours ago \| parent \| context \| favorite \| on: A better zip bomb (2019) Is it possible to implement something similar but with a protocol that supports compression? Can we have a zip bomb but with a compressed http response that gets decompressed on the client? There are many protocols that support compression in some way.

dontdoxxme 11 hours ago | [–]

Previously: I use zip bombs to protect my server (idiallo.com) 1076 points https://news.ycombinator.com/item?id=43826798

moreati 10 hours ago | [–]

There was https://idiallo.com/blog/zipbomb-protection earlier this year. It sends highly compressed output of /dev/zero. No overlapping files or recursively compressed payloads.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact