Simon Willison’s Weblog

23rd March 2010 - Link Blog

Side-Channel Leaks in Web Applications. Interesting new security research. SSL web connections encrypt the content but an attacker can still see the size of the HTTP requests going back and forward—which can be enough to extract significant pieces of information, especially in applications that make a lot of Ajax requests.

Posted 23rd March 2010 at 4:24 pm

Recent articles

Publishing WASM wheels to PyPI for use with Pyodide - 13th June 2026
Claude Fable is relentlessly proactive - 11th June 2026
Initial impressions of Claude Fable 5 - 9th June 2026

This is a link post by Simon Willison, posted on 23rd March 2010.

ajax 61 http 124 security 609 sidechannel 3 ssl 9

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe