by em-bee 1871 days ago
the attackers are intercepting the initial request which is a plain text tcp packet containing the https url. that https is then stripped from the url, turning the url into a plain http request.

i think the only way to prevent that from working is if the websites outright reject http requests.
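
An added example, not part of the comment above: a small Python check that classifies how a server answers a request made over plain HTTP, separating sites that reject it from sites that redirect to HTTPS or serve content directly. The function names and the sample responses are constructed for illustration.

```python
# Added example: classify how a server answers a request made over plain HTTP.
# The sample responses below are constructed, not captured from a real site.

def parse_response(raw: bytes):
    """Return (status_code, headers) from a raw HTTP/1.x response."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("not an HTTP response")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers


def classify_plain_http(raw: bytes) -> str:
    """Classify the answer to a plain-HTTP request.

    'rejected'          - no response, or a 4xx/5xx status: nothing is served over HTTP
    'redirect-to-https' - 3xx with an https:// Location; the first request was
                          still sent in clear text, so it can be intercepted
    'served-over-http'  - anything else: content is available without TLS
    """
    if not raw:
        return "rejected"  # connection refused or closed without an answer
    status, headers = parse_response(raw)
    if status >= 400:
        return "rejected"
    if 300 <= status < 400 and headers.get("location", "").lower().startswith("https://"):
        return "redirect-to-https"
    return "served-over-http"


SAMPLES = {  # constructed responses
    "refused": b"",
    "forbidden": b"HTTP/1.1 403 Forbidden\r\nContent-Length: 0\r\n\r\n",
    "redirect": b"HTTP/1.1 301 Moved Permanently\r\nLocation: https://example.test/\r\n\r\n",
    "plain": b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html></html>",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:10} -> {classify_plain_http(raw)}")
```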