| ▲ | duskwuff 5 days ago | |
> I don’t get why headers and requests need to be spoofed if all traffic is over https? Because the traffic is to a CDN endpoint (like Cloudflare) which expects it to be a HTTP message. | ||
| ▲ | tomsonj 5 days ago | parent [-] | |
it can still be an https message, who cares what the path, query string, or headers look like? that is all encrypted | ||