It's generally unwise to use compression for encrypted transport such as TLS or HTTP/S.
https://en.wikipedia.org/wiki/Oracle_attack
You’re right—no compression over TLS by default. If I add deflate support later it will be opt-in and disabled when the connection is encrypted.
Appreciate the insights!
You’re right—no compression over TLS by default. If I add deflate support later it will be opt-in and disabled when the connection is encrypted.
Appreciate the insights!